Hi there. Mike Nash from the STU. Earlier this year, during our response to the WMF zero exploit with an out-of-band band security update, I wrote a blog entry explaining the details of how we got to the decision to release that update early. I received a lot of feedback from customers around the world that the blog entry and the internal insights into our decision-making process in that situation was very helpful and that we should make it a consistent practice for issues that have widespread impact...

Hi everyone, As usual the holiday season is a busy time for everyone including those of us here in the MSRC. I hope that everyone has finished their holiday shopping so they can enjoy the long weekend. This is Mike Reavey by the way in case anyone was wondering. Aside from discussing the holidays, the reason I am dropping in on the blog is that right now we are closely monitoring developments related to a public posting of proof of concept code targeting an issue with the Client Server Run...

Today we released Security Advisory 2757760 to address an issue that affects Internet Explorer 9 and earlier versions if a user views a website hosting malicious code. Internet Explorer 10 is not affected. We have received reports of only a small number of targeted attacks and are working to develop a security update to address this issue. In the meantime, customers using Internet Explorer are protected when they deploy the following workarounds and mitigations included in the advisory: ...

Hello, We are aware of a publicly disclosed vulnerability affecting Windows XP and Windows Server 2003. We are not aware of any current exploitation of this issue and customers running Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2, are not vulnerable to this issue, or at risk of attack. This issue was reported to us on June 5 th , 2010 by a Google security researcher and then made public less than four days later, on June 9 th , 2010. Public disclosure of the details...

Hi, We wanted to provide you with an update on our ongoing investigation into the “blue screen” issues affecting a limited number of customers who installed MS10-015 . We have been working around the clock with our customers, partners and several teams at Microsoft to determine the cause of these issues. Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit . We were able to reach this conclusion after the comprehensive...

Hi, this is Christopher Budd. We’ve gotten some questions here today about public reports claiming there’s a new vulnerability in Internet Explorer 7. This is an issue that we have under investigation and so we have some technical information we can share about the issue. These reports are technically inaccurate: the issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in...

Hi, It’s Lennart again. Wanted to let you know that today we saw another public posting around a vulnerability in Internet Explorer. This one is different than the crash bug I wrote about earlier. The public posting speaks about createTextRange() and a way that this could be utilized to get code to run when visiting a specially crafted Web page. We’re still investigating, but we have confirmed this vulnerability and I am writing a Microsoft Security Advisory on this. But we wanted to make sure customers...

Hello, We recently became aware of a complex piece of targeted malware known as “Flame” and immediately began examining the issue. As many reports assert, Flame has been used in highly sophisticated and targeted attacks and, as a result, the vast majority of customers are not at risk. Additionally, most antivirus products will detect and remove this malware. That said, our investigation has discovered some techniques used by this malware that could also be leveraged by less sophisticated...

Portuguese (Brazil) , Русский Today we released a new update to replace KB2823324, which was originally made available through MS13-036 . As we previously discussed , we stopped distributing this update when we learned some customers were having issues. The new update, KB2840149 , still addresses the Moderate security issue described in MS13-036, and should not cause these issues. If you have automatic updates enabled, you won’t need to take any actions. For those manually updating, we encourage...

Hello everyone, this is Christopher Budd. We have some new information tonight on the status of the security update that we’re working on that addresses the vulnerability in Windows Animated Cursor Handling. From our ongoing monitoring of the situation, we can say that over this weekend attacks against this vulnerability have increased somewhat. Additionally, we are aware of public disclosure of proof-of-concept code. In light of these points, and based on customer feedback, we have been...