Browse by Tags

Tagged Content List
  • Blog Post: December 2014 Updates

    Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office ...read more
  • Blog Post: The September 2014 Security Updates

    Today, as a part of our regular Update Tuesday process, we released four security bulletins – one rated Critical and three rated Important in severity – to address 42 Common Vulnerabilities & Exposures (CVEs) in Microsoft Windows, Internet ...read more
  • Blog Post: August 2014 Security Updates

    Today, as part of Update Tuesday, we released nine security updates – two rated Critical and seven rated Important – to address 37 Common Vulnerabilities & Exposures (CVEs) in SQL Server, OneNote, SharePoint, .NET, Windows and Internet ...read more
  • Blog Post: Theoretical Thinking and the June 2014 Bulletin Release

    As security professionals, we are trained to think in worst-case scenarios. We run through the land of the theoretical, chasing “what if” scenarios as though they are lightning bugs to be gathered and stashed in a glass jar. Most of time, ...read more
  • Blog Post: Security Bulletin Webcast Questions and Answers - April 2009

    Over on the MSRC blog they posted this months Q&A in case you want to see everything that was discussed during the questions and answers part of the webcast.  I have Al Brown’s intro and a link below: ======== During this month’s webcast we were able to address 15 questions in the time allotted...
  • Blog Post: December 2009 Security Bulletin Webcast

    Looks like the MSRC posted the December security bulleting webcast last Friday: There is one question that I wanted to provide a little more information on and that references reports of KB973917 causing problems with Internet Information Services (IIS) 6.0 running on Windows Server 2003 SP2. There are...
  • Blog Post: Q&A from the October 2011 Security Bulletin Webcast

    Hello, Today we published the October Security Bulletin Webcast Questions & Answers page . We fielded eight questions across all bulletins. There was one question that we were unable to answer during the webcast due to time constraints, and we ...read more
  • Blog Post: December 2008 Monthly Security Bulletins Released

    Looks like the December 2008 monthly security bulletins are out and the new ones include: MS08-070 : Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) which is rated “Critical” MS08-071 : Vulnerabilities in GDI Could Allow...
  • Blog Post: Questions about Timing and Microsoft Security Advisory 972890

    I just posted about the MSRC’s Advance Notification for the July 2009 security bulleting release but as soon as I did that I saw that they also followed that up with some insight into 972890: We’ve gotten some questions from customers about when we got the first report of this vulnerability and how long...
  • Blog Post: February 2009 Security Bulletin Webcast Videos

    Looks like the good folks over on the Microsoft Security Response Center blog now have streaming video of the security bulletin webcasts so if you missed this and want to check it out now you can.  They have the videos broken out into two parts, the first covering the new information and the second...
  • Blog Post: FYI: The Microsoft Security Advisory 961051 was updated last Friday

    Just an FYI in case you missed it but last Friday we updated some of the information surrounding 964051 with more on what we know about it as well as some of the workarounds.  The updated official release notes are here: http://www.microsoft.com/technet/security/advisory/961051.mspx . The clarifications...
  • Blog Post: Advance Notification for the December 2009 Security Bulletin Release

    For December we are planning to release six new security bulletins addressing 12 vulnerabilities in Windows, Internet Explorer (IE) and Microsoft Office products. Three of the bulletins have a maximum severity rating of Critical and three have a maximum severity rating of Important. For all the details...
  • Blog Post: Predictions and the January 2013 Bulletin Release

    At the end of each year, some folks take a moment to jot down predictions about what the coming year has in store. I, on the other hand, do not do predictions. I am neither prognosticator, seer, fortune teller, prophet, clairvoyant, soothsayer, nor medium; ...read more
  • Blog Post: Q&A From the August 2011 Security Bulletin Webcast

    Hello, Today we published the August Security Bulletin Webcast Questions & Answers page . We fielded six questions on various topics during the webcast, including bulletins released and the Malicious Software Removal Tool. There was one question ...read more
  • Blog Post: Advance Notification Service for August 2013 Security Bulletin Release

    Today we’re providing advance notification for the release of eight bulletins, three Critical and five Important, for August 2013. The Critical updates address vulnerabilities in Microsoft Windows, Internet Explorer and Exchange. As usual, we’ve ...read more
  • Blog Post: Security Advisory 980088 was released today

    Microsoft is investigating a publicly reported vulnerability in Internet Explorer for customers running Windows XP or who have disabled Internet Explorer Protected Mode. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations...
  • Blog Post: August 2013 Security Bulletin Webcast, Q&A, and Slide Deck

    Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page . We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server ( MS13-061 ) and ...read more
  • Blog Post: The MS10-015 security update has been re-released with new detection logic

    The MSRC folks say that they have revised the installation packages for MS10-015 with new logic that prevents the security update from being installed on systems if certain abnormal conditions exist. Such conditions could be the result of an infection with a computer virus such as the Alureon rootkit...
  • Blog Post: February monthly security bulleting release

    I just saw that the folks over on the MSRC blog just posted the info for the February security bulleting release.  I stole the details below from them but you can read their entire post here . ======== Today we’re releasing four new security bulletins as part of our regular monthly release...
  • Blog Post: Advance Notification for Update to Address Security Advisory 2794220

    Today, we are providing Advance Notification to customers that at approximately 10 a.m. PST on Monday, January 14, 2013, we will release an out-of-band security update to fully address the issue described in Security Advisory 2794220. While we have still ...read more
  • Blog Post: Q&A from the September 2011 Security Bulletin Webcast

    Hello, Today we published the September Security Bulletin Webcast Questions & Answers page . We fielded 15 questions primarily regarding the Diginotar Certificate compromise and the associated Security Advisory. There was one question that we were ...read more
  • Blog Post: Autorun-Related Malware Declines and the June 2011 Security Bulletin Release

    Hello there. First off, I’d like to share some news regarding the updates we made to the Autorun feature in Security Advisory 967940, which we released in February 2011. The advisory made changes to how Autorun handles “non-shiny” media ...read more
  • Blog Post: Summary of Microsoft’s Security Bulletin Release for November 2009

    Today, we released six security bulletins addressing a total of 15 vulnerabilities. Four affect Windows and Windows Server and two affect Microsoft Office products (Excel and Word). As we do every month, we have prepared our Risk & Impact and our Deployment Priority guidance to help customers assess...
  • Blog Post: September 2013 Security Bulletin Webcast, Q&A, and Slide Deck

    Today we’re publishing the September 2013 Security Bulletin Webcast Questions & Answers page . The majority of questions focused on Office bulletins, especially SharePoint Server ( MS13-067 ). We received multiple Office related questions that ...read more
  • Blog Post: October 2009 Bulletin Release Advance Notification

    The folks over on the MSRC blog just announced Advance Notification for the October 2009 Security Bulletin Release: For October we are releasing 13 bulletins (eight critical and five important), addressing 34 vulnerabilities, affecting Windows, Internet Explorer, Office, Silverlight, Forefront, Developer...