Craig here again. What a day. Release Day. You never know what it is going to bring around here. Craziness usually, but I like it that way. I usually come in early on release day and it is one of the few days in a year where I will get some breakfast from one of the cafeterias here. Today I decided to bust out with some biscuits and gravy, and a few pieces of bacon. Then my staple, a venti almond mocha with a wee bit of whip cream (takes the heat off those first few sips). My family always...

Hi everyone, Craig Gehre here, release manager for the MSRC. I wanted to briefly check in and let you know that the release has gone as scheduled and we have the following updates available: MS05-025 addresses a vulnerability in Microsoft Windows and has a maximum severity rating of “Critical.” MS05-026 addresses a vulnerability in Microsoft Windows and has a maximum severity rating of “Critical.” MS05-027 addresses a vulnerability in Microsoft Windows and has a maximum severity rating of “Critical...

MSRC’s Release Manager Craig Gehre here. I’ll write first about what you probably care most about today, then on to who I am and why I’m the newest blogger on this site. This morning we posted the advance notification for next Tuesday’s bulletin release: 7 bulletins affecting Windows. The maximum severity rating for these security updates is Critical and some will require a restart. 1 bulletin affecting Windows and Microsoft Services for UNIX. The, maximum severity rating for this...

For attendees and staff alike, TechEd is a busy place with long hours, aching backs and sore feet - but worth it! I have spent every second that our stand has been open meeting with our customers - and what a variety there is! We might learn the experiences of a home user with Windows Update one minute, then discuss the issues facing a 200,000 seat world-wide deployment the next. I discuss my favorite beer from Munich and reporting and auditing in German with somebody, then the next person I meet...

I spent all day yesterday manning the MSRC Cabana and Security Guidance Booth. Between Stephen’s voice looping on the MSRC video running in the Cabana, and Simon’s funky accent saying “What can I tell you about the MSRC?” to every passer-by, I was so happy last night to be in the silence of my hotel room. However, some of the great interaction with the customers coming by the booth makes it all worth it. My job often takes place behind a computer screen... it's good to meet our customers face to...

I just want to take a moment to thank *everyone* who attended the MSRC talk today at Tech Ed. You guys asked some great questions and provided some awesome feedback. What I heard from you resoundingly, is that we're on the right track, and there are still great things we can do to further assist you. The talk ran about an hour and a half and you were all very gracious to laugh at my jokes and listen as we discussed the Security Bulletin Process, the Software Development Lifecycle, and our Emergency...

Wow, oh wow. It's always a pleasure to see Steve Ballmer speak, and it's a greater privilege to be here at Tech Ed 2005 supporting the great things he noted in his keynote. I've seen Bill Gates speak many times, but other than some internal presentations to employees I've never gotten a chance to see Steve speak to our customers live. (Steve's speech will be available in webcast form in a few hours. Check in here to watch.) I'm working the booth and cabana all day in addition to my security...

Hi folks, counting down - it's just a couple of weeks now until TechEd Orlando. Stephen, Mike and I are excited to have the opportunity once again to meet our customers, and hear your experiences and feedback around our security bulletins. This year at TechEd we will take this a step further with a focus group on exactly this topic. We really need to hear from you how you use our Security Bulletins, as part of our continual process evaluating how we can make the security bulletin offering more valuable...

It’s been just over a year since we experienced our last major network worm outbreak, Sasser, which exploited a vulnerability in the LSASS component of Windows in April 2004. On the security response team at Microsoft, it is part of our process to do post mortems after incidents or outbreaks and review how we can better manage these incidents more effectively for customers. We did that after Slammer, which actually prompted the development of our Software Security Incident Response Plan; we...

Hey folks - Mike Reavey here. Recently, some folks have asked us if there's a new security update in MSN Messenger. In doing some investigation, we've realized that these questions might be coming in because the "Date Published" on this page on our Download Center : shows it was published last Tuesday. Because of that it does look like there may be a new security issue in MSN Messenger 6.2. This download page is associated with the update referenced in MS05-009 , published on February 8, 2005. The...