Browse by Tags

Related Posts
  • Blog Post: The September 2014 Security Updates

    Today, as a part of our regular Update Tuesday process, we released four security bulletins – one rated Critical and three rated Important in severity – to address 42 Common Vulnerabilities & Exposures (CVEs) in Microsoft Windows, Internet Explorer, .NET Framework, and Lync Server. We...
  • Blog Post: August 2014 Security Updates

    Today, as part of Update Tuesday, we released nine security updates – two rated Critical and seven rated Important – to address 37 Common Vulnerabilities & Exposures (CVEs) in SQL Server, OneNote, SharePoint, .NET, Windows and Internet Explorer (IE). We encourage you to apply all of these...
  • Blog Post: Theoretical Thinking and the June 2014 Bulletin Release

    As security professionals, we are trained to think in worst-case scenarios. We run through the land of the theoretical, chasing “what if” scenarios as though they are lightning bugs to be gathered and stashed in a glass jar. Most of time, this type of thinking is absolutely the correct thing...
  • Blog Post: September 2009 bulletin Release

    Advance Notification for the September 2009 Security Bulletin Release This month we will be releasing 5 security bulletins, all affecting Windows, and all with an aggregate severity rating of critical. As always, the target for release is the second Tuesday of the month at 10:00 a.m. PDT (UTC ...
  • Blog Post: MS10-070 Released Out-of-Band Today

    Hello, As we announced yesterday, today we released Security Bulletin MS10-070 out-of-band to address a vulnerability in ASP.NET. The bulletin and the blog by Scott Guthrie, corporate vice president of Microsoft's .NET Developer Platform are available for more information. This security update...
  • Blog Post: October 2009 Security Bulletin Release

    Summary of Microsoft’s Security Bulletin Release for October 2009 This month, we released 13 new bulletins which address 33 vulnerabilities in Windows, Internet Explorer and Microsoft Office. Since we published this information in our advance notification (ANS) last Thursday, we have been asked “is this...
  • Blog Post: A new policy for store apps and the July 2013 security updates

    There are those I’ve met who think my life is something akin to the classic comedy Groundhog Day. No, I don’t wake up to the musical stylings of Sonny and Cher each morning, but month after month after month, the second Tuesday rolls around and I’m involved in releasing security updates...
  • Blog Post: January 2010 Security Bulletin Release

    Summary of Microsoft’s Security Bulletin Release for January 2010 Hi Everyone, We hope that 2010 is off to a good start for you. For our first bulletin release of the New Year, we have one Critical bulletin affecting all versions of Windows. The bulletin, MS10-001 , addresses one vulnerability in the...
  • Blog Post: Advance Notification for Update to Address Security Advisory 2794220

    Today, we are providing Advance Notification to customers that at approximately 10 a.m. PST on Monday, January 14, 2013, we will release an out-of-band security update to fully address the issue described in Security Advisory 2794220. While we have still seen only a limited number of customers affected...
  • Blog Post: Q&A from the December 2010 Security Bulletin Webcast

    Hello, Today we published the December 2010 Security Bulletin Webcast Questions & Answers page . We fielded 17 questions, most concerning the Internet Explorer update and the re-releases of bulletins this month. We invite our customers to join us for the next public webcast on Wednesday, January...
  • Blog Post: Internet Explorer Cumulative Update Releasing Out-of-Band

    Today we issued our Advanced Notification Service (ANS) to advise customers that we will be releasing security update MS10-018 tomorrow, March 30, 2010, at approximately10:00 a.m. PDT (UTC-8). MS10-018 resolves Security Advisory 981374 , addressing a publicly disclosed vulnerability in Internet Explorer...
  • Blog Post: Monthly Security Bulletin Webcast Q&A - October 2009

    Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Senior Security Program Manager Lead Website: TechNet/security Chat Topic: October 2009 Security Bulletin Date: Wednesday, October 14, 2009 Q: In reference to MS09-053 , are all Internet Information Services (IIS)...
  • Blog Post: Strength, flexibility and the March 2012 security bulletins

    Hello. Today we’re releasing six security bulletins – one Critical-class, four Important and one Moderate – addressing seven issues in Microsoft Windows, Visual Studio, and Expression Design. We recommend that customers focus on MS12-020, our sole critical-class bulletin, as the March...
  • Blog Post: Advance Notification Service for August 2013 Security Bulletin Release

    Today we’re providing advance notification for the release of eight bulletins, three Critical and five Important, for August 2013. The Critical updates address vulnerabilities in Microsoft Windows, Internet Explorer and Exchange. As usual, we’ve scheduled the bulletin release for the second...
  • Blog Post: Microsoft security updates and the Common Vulnerability Reporting Framework

    As a part of the Industry Consortium for Advancement of Security on the Internet (ICASI), Microsoft is pleased to present an initial set of monthly security updates – originally released on May 8 – in the consortium’s newly established Common Vulnerability Reporting Framework (CVRF...
  • Blog Post: Evolving Response and the March 2013 Bulletin Release

    As my career in security response has grown over the years, I am often reminded of the words of Italian author Giuseppe Tomasi Di Lampedusa , who stated, “If we want everything to remain as it is, it will be necessary for everything to change.” There are some things that we wish to stay the...
  • Blog Post: Update - Restart Issues After Installing MS10-015

    In our continuing investigation in to the restart issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior. We are not yet ruling out other potential causes at this time and are still investigating. Please review...
  • Blog Post: Q&A from the February 2011 Security Bulletin Webcast

    Hello, Today we published the February Security Bulletin Webcast Questions & Answers page . We fielded 12 questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. We invite our customers to join us for the next public webcast...
  • Blog Post: Q&A from May 2011 Security Bulletin Webcast

    Hello, Today we published the May Security Bulletin Webcast Questions & Answers page . We fielded twelve questions on various topics during the webcast, including bulletins released and the Malicious Software Removal Tool. There were two questions during the webcast that we were unable to answer...
  • Blog Post: Security Bulletin Webcast Video, Questions and Answers – May 2009

    In the May 2009 security bulletin webcast, we addressed several questions relating to MS09-017 in addition to questions about WSUS and MBSA. For those questions that came in after we concluded the webcast, we have provided answers in the published Q&A which you can find here: http://blogs.technet...
  • Blog Post: Q&A from the March 2011 Security Bulletin Webcast

    Hello, Today we published the March Security Bulletin Webcast Questions & Answers page . We fielded five questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. We invite our customers to join us for the next public webcast...
  • Blog Post: March Out-of-Band Security Bulletin Webcast

    Hi everyone, Last week Adrian Stone and I conducted a webcast to cover the Internet Explorer out-of-band security bulletin release. We only spent a short period of timing on the presentation and then spent the rest of the time answering customer questions which you can read here . There were some interesting...
  • Blog Post: Q&A From the August 2011 Security Bulletin Webcast

    Hello, Today we published the August Security Bulletin Webcast Questions & Answers page . We fielded six questions on various topics during the webcast, including bulletins released and the Malicious Software Removal Tool. There was one question that we were unable to answer during the webcast...
  • Blog Post: August 2010 Webcast and QA

    Hello, Today we published the Questions & Answers from the August 2010 Security Bulleting webcast . We answered a total of 17 questions concerning the March bulletins and open Security Advisories. No particular themes emerged from the questions but there were some good ones so please review them...
  • Blog Post: January 2010 Bulletin Release Advance Notification

    Advance Notification for the January 2010 Security Bulletin Release It may be a new year but here in the Microsoft Security Response Center, it is business as usual. This month we have one bulletin addressing a single vulnerability in Windows. The vulnerability is critical on Windows 2000 and low...