During Conficker we realized that a lot of customers are on unsupported OSs. I would like to draw your attention to a few things: There is a webpage called Microsoft Support Lifecycle where you find all the information on the lifecycle of our products...

I just want to make sure you have seen it: There were some reports in the last day or two about targeted attacks on Excel. We are aware of these reports and are looking into this. In order to give you our assessment of the situation, we published Microsoft...

A few days ago, we released the Security Compliance Management Toolkit. I think that this toolkit might definitely help you to secure your environment and monitor it against a security baseline Security Compliance Management Toolkit Series Roger

This is an interesting paper from Microsoft Research. Now, before you read it: This is research and be no means a commitement to develop it for IE 9. The Multi-Principal OS Construction of the Gazelle Web Browser Roger

Jeff Jones just started a blog series to show the impact of our Security Development Lifecycle on the updates to be deployed. It is a pretty interesting read: Here is the February version: Feb09 Security Bulletin SDL Benefit Summary Roger

I guess you know Get Safe Online in the meantime. They are publishing a lot of good and insightful information. Now, they collaborate with the Office of Fair Trading in the UK for a Scam Awareness Month. Again, there is a log of excellent information...

Not directly security related: I am often asked about the interoperability between our products and third-party products. Additionally people claim that we do not allow others to use our technology – that we lock you in. Just now I read the following...

Yes, Conficker is far from being over. We still see a lot of infections. Therefore we decided to publish additional guidance for Conficker: Microsoft Conficker guidance page for IT Professionals and those focused on security in the enterprise: http:/...

Jon and Steven released another blog post on UAC and explained their decision how to change things : They start with the risk of blogging: When we started the “E7” blog we were both excited and also a bit uneasy. The excitement is obvious. The unease...

I have to come back to the UAC problem again. I just read a good article from Larry Seltzer on eWeek.com: Both Sides of the Win7 UAC Problem I think it is one of the first one I read, which takes the emotions out of the discussion and tries to understand...

No, sorry but this is not a tutorial I just read this blog post on Websense which is pretty interesting: The way to a zero-day Roger

It is always interesting how some things spin off. The claimed UAC vulnerability in Windows 7 in one of those events. There are numerous blogs which claim that they found a huge vulnerability in Windows 7. The reason for that is that you can change the...