Welcome to TechNet Blogs Sign in | Join | Help

June 2006 - Posts

Information on a publicly disclosed Windows vulnerability.

Posted Wednesday, June 28, 2006 11:38 PM by MSRCTEAM
Adrian here again. Just wanted to post real quickly to let you know we’re looking into new public proof of concept code around a possible vulnerability in Microsoft Windows. So far we’re not aware of any attacks attempting to use vulnerability or any Read More...
3 Comments

Information about Updated MS06-025

Posted Tuesday, June 27, 2006 7:38 PM by MSRCTEAM
Hey everyone, this is Adrian Stone here and up until recently I was the newest member of the MSRC. I wanted to use my first post to let everyone know that we have updated MS06-025 complete with updated binaries for the affected platforms. As many of you Read More...
1 Comments

An update on recent public issues

Posted Saturday, June 24, 2006 4:47 PM by MSRCTEAM
We've had several questions regarding some recent issues that have affected Microsoft Excel over the last week. So, I thought I'd take a minute to review each, what the security impact could be for each issue, and what we're doing to resolve the issues. Read More...
5 Comments

Exploit code posted on the recent vulnerability addressed by MS06-025

Posted Saturday, June 24, 2006 1:57 AM by MSRCTEAM
Hi everyone, Stephen Toulouse here. We've see that detailed exploit code has been published on the Internet for the vulnerability addressed by Microsoft security bulletin MS06-025. So per the usual when something like this happens so quickly after release Read More...
1 Comments

Administrivia

Posted Thursday, June 22, 2006 8:31 PM by MSRCTEAM
Hi everyone, Stephen Toulouse here. Just posting a brief note about two quick things regarding the blog. When we originally set it up we used my user account and it's been our communal account for making posts. Unfortunately every post showed up as from Read More...
(Comments Off)

Information on Proof of Concept posting about hlink.dll

Posted Tuesday, June 20, 2006 11:17 PM by stepto
Hi everyone Christopher Budd here. I wanted to give you some information about the recent posting of proof of concept PERL script that claims to demonstrate a vulnerability in Excel's processing of long links. As soon as we received these reports we immediately Read More...
7 Comments

Security Advisory posted on the Microsoft Excel Vulnerability

Posted Monday, June 19, 2006 7:51 PM by stepto
Hi everyone, Mike Reavey here. Just wanted to let you know we have posted our mitigations and workarounds researched throughout the weekend in the for of a security advisory. It can be found here: http://www.microsoft.com/technet/security/advisory/921365.mspx Read More...
(Comments Off)

Checking in on this month's release.

Posted Saturday, June 17, 2006 6:57 AM by stepto
Hi everyone. Stephen Toulouse here. As we do every month, after release the Customer Support Service Group, the MSRC, and the affected product groups all monitor uptake of the updates and keep a sharp eye out for any issues that might be causing problems. Read More...
(Comments Off)

Update on Microsoft Excel Vulnerability

Posted Saturday, June 17, 2006 2:07 AM by stepto
Hey everyone, Mike Reavey here again. We’re headed into the weekend and I wanted to check in and provide you with some more information about the Excel issue we are investigating. As of right now it’s still just a single customer impacted. But I want Read More...
(Comments Off)

Reports of a new vulnerability in Microsoft Excel

Posted Friday, June 16, 2006 12:09 AM by stepto
Hi everyone, Mike Reavey here. We've received a single report from a customer being impacted by an attack using a new vulnerability in Microsoft Excel. Here's what we know: In order for this attack to be carried out, a user must first open a malicious Read More...
12 Comments

June 2006 security update release.

Posted Wednesday, June 14, 2006 3:57 AM by stepto
Hi everyone, Craig Gehre here. It was tempting to make some sort of Cheaper by the Dozen reference or perhaps quote something from The Dirty Dozen, but I feel it would have been a bit obvious. I’ll just keep my comments short so you can get on to more Read More...
(Comments Off)

Hello from TechEd 2006

Posted Monday, June 12, 2006 1:50 AM by stepto
Hello, this is Christopher Budd. I’m here this evening at TechEd 2006 . This year, TechEd is in Boston , Massachusetts at the Boston Convention Center . (If you want to see where we are using the new Windows Live Local, you can see a view of it here ). Read More...
(Comments Off)

Microsoft presenting at the Black Hat security conference in Las Vegas

Posted Friday, June 09, 2006 8:57 PM by stepto
Hi everyone, Stephen Toulouse here. As you probably know, all throughout the year we attend various security researcher conferences all over the world. One of the biggest and the best is the Black Hat security conference in Las Vegas. And of course the Read More...
3 Comments

Windows 98, 98SE and ME: Information about Support Lifecycle and MS06-015

Posted Friday, June 09, 2006 12:14 AM by stepto
Christopher Budd here again. I wanted to take a moment and mention a couple of things related to security updates and Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME). First, support for Windows Read More...
7 Comments

June 2006 Advance Notification

Posted Thursday, June 08, 2006 8:52 PM by stepto
This is Christopher Budd. I wanted to take a moment from my preparations for TechEd next week to let you know that we made our regular advance notification for the upcoming monthly security bulletin release next week: At approximately 10:00 am PT next Read More...
(Comments Off)

A minor revision to the Word Vulnerability advisory

Posted Friday, June 02, 2006 8:31 PM by stepto
Hi everyone. It's Stephen Toulouse again. We’re of course still hard at work on an update for the Word vulnerability. All indications still point to this being a very limited, targeted attack but we're still spending a lot of time thinking about how customers Read More...
(Comments Off)
 
Page view tracker