Browse by Tags

Related Posts
  • Blog Post: Q&A from May 2011 Security Bulletin Webcast

    Hello, Today we published the May Security Bulletin Webcast Questions & Answers page . We fielded twelve questions on various topics during the webcast, including bulletins released and the Malicious Software Removal Tool. There were two questions during the webcast that we were unable to answer...
  • Blog Post: Security Advisory 979352 Released

    Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks. Today, Microsoft issued guidance to help customers mitigate a Remote Code Execution (RCE) vulnerability in Internet...
  • Blog Post: Announcing the BlueHat Prize for Advancement of Exploit Mitigations

    Protecting the general computing ecosystem is a really tough job, and given some of the media headlines, it’s easy to get discouraged and wallow in the problems. It seems like we’re constantly bombarded with statistics measuring the number of bugs, vulnerabilities, or attacks in an attempt...
  • Blog Post: October 2009 Security Bulletin Release

    Summary of Microsoft’s Security Bulletin Release for October 2009 This month, we released 13 new bulletins which address 33 vulnerabilities in Windows, Internet Explorer and Microsoft Office. Since we published this information in our advance notification (ANS) last Thursday, we have been asked “is this...
  • Blog Post: January 2010 Security Bulletin Release

    Summary of Microsoft’s Security Bulletin Release for January 2010 Hi Everyone, We hope that 2010 is off to a good start for you. For our first bulletin release of the New Year, we have one Critical bulletin affecting all versions of Windows. The bulletin, MS10-001 , addresses one vulnerability in the...
  • Blog Post: Guidance on Internet Explorer XSS Filter

    The XSS Filter related Blackhat EU presentation discussed a vulnerability that was previously disclosed and addressed in the January security update to Internet Explorer ( MS10-002 ). This attack scenario involved modified HTTP responses, enabling XSS on sites that would not otherwise be vulnerable....
  • Blog Post: November 2009 Security Bulletin Release

    Summary of Microsoft’s Security Bulletin Release for November 2009 Today, we released six security bulletins addressing a total of 15 vulnerabilities. Four affect Windows and Windows Server and two affect Microsoft Office products (Excel and Word). As we do every month, we have prepared our Risk &...
  • Blog Post: August 2013 Security Bulletin Webcast, Q&A, and Slide Deck

    Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page . We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server ( MS13-061 ) and Windows Kernel ( MS13-063 ). There were 3 additional...
  • Blog Post: Out-of-Band Security Bulletin Webcast Q&A - March 30, 2010

    Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Group Manager, Response Communications Website: TechNet/security Chat Topic: March 2010 Out-of-Band Security Bulletin Date: Tuesday, March 30, 2010 Q: CVE-2010-0483 , like CVE-2010-0806 , is a remote code executable...
  • Blog Post: August 2009 Bulletin Release

    Summary of Microsoft’s Security Bulletin Release for August 2009 Hi everyone, This month, we released nine security bulletins. Five of those are rated Critical and four have an aggregate severity rating of Important. Of the nine updates, eight affect Windows and the last one affects Office Web Components...
  • Blog Post: June 2010 Security Bulletin Release

    Hi everyone, Today, as part of our regular monthly security bulletin release cycle, we released 10 bulletins to address 34 total vulnerabilities in Windows, Microsoft Office (including SharePoint), Internet Explorer (IE), Internet Information Services (IIS), and the .NET Framework. Only three of these...
  • Blog Post: Out-of-Band Security Bulletin Webcast Q&A - January 21, 2010

    Hosts: Adrian Stone , Senior Security Program Manager Lead Jerry Bryant, Senior Security Communications Manager Lead Website: TechNet/security Chat Topic: January 2010 Out-of-Band Security Bulletin Date: Thursday , January 21, 2010 Q: I understand the severity for workstaitons. Is the...
  • Blog Post: Exploitability Index Improvements & Advance Notification Service for May 2011 Bulletin Release

    Hello everyone, Today we are announcing changes to Microsoft’s Exploitability Index. Since October 2008, we have used the Exploitability Index to provide customers with valuable exploitability analysis for our security bulletins, and starting Tuesday this information will become even more...
  • Blog Post: August 2012 Security Bulletin Webcast, Q&A, and Slide Deck

    Hello. Today we’re publishing the August 2012 Security Bulletin Webcast Questions & Answers page . During the webcast, we fielded twelve questions focusing primarily on MS12-060 covering Windows Common Controls, MS12-052 regarding Internet Explorer, and Security Advisory 2661254 addressing...
  • Blog Post: February 2010 Security Bulletin Release

    MSRC Bulletin Release Blog Post Hi everyone, As mentioned in our ANS blog post last week, today we are releasing 13 bulletins addressing 26 vulnerabilities. 11 bulletins affect Windows and 2 affect older versions of Microsoft Office. In the post on Thursday, we mentioned that bulletins in the ANS listed...
  • Blog Post: Exploitability Index Improvements Now Offer Additional Guidance

    Exploitability Index Improvements Now Offer Additional Guidance In October of 2008, Microsoft published its first Exploitability Index: a rating system that helps customers identify the likelihood that a specific vulnerability would be exploited within the first 30 days after bulletin release. ...
  • Blog Post: December 2009 Security Bulletin Release

    Summary of Microsoft’s Security Bulletin Release for December 2009 As noted in our Advance Notification ( ANS ) last Thursday, for the December bulletin release we issued six security bulletins addressing 12 vulnerabilities. Affected products include Windows, Internet Explorer (IE) and Microsoft Office...
  • Blog Post: Advisory 979352 Updated

    Hello, Today we updated Security Advisory 979352 to let customers know that we are aware that exploit code for the vulnerability used in recent attacks against IE 6 users, has now been made public. Information on which versions of Internet Explorer are vulnerable and what customers can do to protect...
  • Blog Post: MS10-046 Released Out-of-Band Today

    Hello, As we announced on Friday , today we released Security Bulletin MS10-046 out-of-band to address a vulnerability in Windows. This security update addresses a vulnerability in the handling of shortcuts that affects all currently supported versions of Windows XP, Vista, Windows 7, Windows Server...
  • Blog Post: September 2009 Security Bulletin Webcast Video and Customer Q and A

    In the September 2009 security bulletin webcast, it was clear that customers had a lot of concerns about MS09-048 as almost half the questions we answered were on that topic. The questions and answers from the session are now posted here on the blog . As we mentioned in the webcast, The MS09-048 bulletin...