Hi everyone. This is Jonathan from the SWI team in the MSRC. We’ve just released Security Advisory 943521 regarding a vulnerability affecting Windows Server 2003 and Windows XP with Internet Explorer 7 installed. As you have probably noted there’s been a fair amount of discussion on this issue. One of the reasons we are releasing this Advisory is due to increased risk given recent discussions about how this vulnerability could be used in attacks. Another reason is to clear up the confusion we see...

Hello this is Christopher Budd, I wanted to let you know that we’ve just posted an Advance Notification for an out-of-band bulletin release. We plan to release one Windows security bulletin with a maximum severity of Critical; scheduled for a target time of 10:00 a.m. PT on Thursday Oct. 23, 2008. A restart will be required. We have scheduled a special webcast to cover this release. This will also be on Thursday at 1 p.m. PT. You can register for it here . Thanks Christopher *This...

Hey everyone this is Adrian and I am writing to try and clear up some concerns regarding a recently reported vulnerability in the Speech Recognition feature of Windows Vista. An issue has been identified publicly where an attacker could use the speech recognition capability of Windows Vista to cause the system to take undesired actions. While it is technically possible, there are some things that should be considered when trying to determine what the threat of exposure is to your Windows Vista system...

Hi, this is Christopher Budd. We’ve gotten some questions here today about public reports claiming there’s a new vulnerability in Internet Explorer 7. This is an issue that we have under investigation and so we have some technical information we can share about the issue. These reports are technically inaccurate: the issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in...

Stepto here. It’s a late, late Saturday night. We’ve been made aware of a recent SANS Internet Storm Center diary post several hours ago regarding an active exploit on MS06-040. We wanted to let you know what we’ve been doing about the situation and what we know. Our AV teams have labeled this Win32/Graweg.A and Win32/Graweg.B and have added detection to http://safety.live.com already as well as our various other offerings such as Windows Onecare. So far, this appears to be an extremely targeted...

Hi everyone, Stephen Toulouse here. We wanted to provide you with information about the MS06-042 re-release that was scheduled to occur today. As posted on August 15 th , we noted we would be re-releasing MS06-042 today to address a crashing issue that could occur if you are using HTTP 1.1 in combination with Internet Explorer 6.0 SP1. Late last night we discovered an issue that led us to the difficult but necessary decision to not release this update today. Providing the update in its current state...

Hi everyone, As usual the holiday season is a busy time for everyone including those of us here in the MSRC. I hope that everyone has finished their holiday shopping so they can enjoy the long weekend. This is Mike Reavey by the way in case anyone was wondering. Aside from discussing the holidays, the reason I am dropping in on the blog is that right now we are closely monitoring developments related to a public posting of proof of concept code targeting an issue with the Client Server Run...

Hey everyone this is Adrian Stone, I wanted to let people know that we have just posted Microsoft Security Advisory (935964) . This advisory talks about a limited attack exploiting a vulnerability in the Domain Name System (DNS) Server Service. Our investigation has shown that this affects Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Microsoft 2003 Service Pack 2. Because this is a server service, Windows 2000 Professional Service Pack 4, Windows XP Service Pack...

Hello everyone, This is Christopher Budd. I wanted to follow up on my posting from Sunday night to let you know that we’ve released the security update, MS07-017 , that addresses the vulnerability in Windows Animated Cursor Handling. As I noted on Sunday night, we originally planned to release the update on Tuesday, April 10, 2007 as part of our regular monthly release of security bulletins. We have been monitoring the situation throughout and our indications, and those of our MSRA partners...

Hey everyone this is Adrian Stone, I wanted to let people know that we have just posted Microsoft Security Advisory (935423) . This advisory addresses new public reports of very limited attacks against a newly reported vulnerability in Microsoft Windows Animated cursor handling. We’ve activated our Software Security Incident Response Process (SSIRP) and there are few items worth noting: In order for this attack to be carried out, a user must either visit a Web site that contains a Web page...