Welcome to TechNet Blogs Sign in | Join | Help

March 2006 - Posts

An update on the IE ActiveX change from Mike Nash

Posted Wednesday, March 29, 2006 7:06 PM by stepto
Hi there. Mike Nash from the STU. Earlier this year, during our response to the WMF zero exploit with an out-of-band band security update, I wrote a blog entry explaining the details of how we got to the decision to release that update early. I received Read More...
1 Comments

Third party solutions to the Internet Explorer CreateTextRange vulnerability

Posted Tuesday, March 28, 2006 8:43 PM by stepto
Hi everyone, Mike Reavey here. I wanted to make everyone aware of some recent developments regarding the “Create TextRange” IE vulnerability. First off we're still not seeing increased spread of attacks, and in fact have been very active in taking down Read More...
(Comments Off)

Update regarding recent Internet Explorer attacks

Posted Monday, March 27, 2006 12:36 AM by stepto
Hi gang, Stepto here again. The MSRC in combination with our internal and external partner teams have been working through the weekend looking at the recent attacks involving the IE vulnerability I mentioned previously. So far we’re still seeing only Read More...
(Comments Off)

Recent exploits regarding the Internet Explorer HTML handling vulnerability.

Posted Saturday, March 25, 2006 5:21 AM by stepto
Hi everyone, Stepto here. Today the MSRC became aware of public reports of attacks on some PC users utilizing the vulnerability that Lennart posted about in Internet Explorer . Here's what we know. The attacks are limited in scope for now and are being Read More...
(Comments Off)

New publicly disclosed vulnerability in Internet Explorer

Posted Wednesday, March 22, 2006 9:18 PM by stepto
Hi, It’s Lennart again. Wanted to let you know that today we saw another public posting around a vulnerability in Internet Explorer. This one is different than the crash bug I wrote about earlier. The public posting speaks about createTextRange() and Read More...
(Comments Off)

Publicly disclosed vulnerability in Internet Explorer

Posted Tuesday, March 21, 2006 12:54 AM by stepto
Hi everyone, Lennart Wistrand here. You may have heard about an IE crashing vulnerability that was unfortunately publicly posted before the weekend. We just wanted to make a quick note here that, as always, we’re investigating it. So far we’ve determined Read More...
(Comments Off)

March 2006 Bulletin Release

Posted Wednesday, March 15, 2006 12:17 AM by stepto
‘I want my two… bulletins’. For some reason an unrelenting paperboy’s quest for two dollars seems to echo in my mind today. It seems so small yet it is so important. Well today the MSRC released two new bulletins. One for Office and the other for Windows, Read More...
(Comments Off)

March 2006 Advanced Notification

Posted Friday, March 10, 2006 12:13 AM by stepto
Hey folks, Mike Reavey here, I wanted to take a quick second to make sure everyone saw the Advance Notification for the Security Bulletin release for March. This coming Tuesday, the 14th, we’re planning to release two security bulletins, and they are Read More...
(Comments Off)

Security advisory posted, and RSA thoughts.

Posted Wednesday, March 01, 2006 3:20 AM by stepto
Hi everyone, Stepto here. (I'm giving up on the "Stephen Toulouse here" after many people I met at RSA greeted me as "Stepto", but as a side note since I created the blog under "Stepto" please remember that posts made by individuals on the MSRC are made Read More...
(Comments Off)
 
Page view tracker