Skip to main content
MSRC

2005

New security advisory

Thursday, August 11, 2005

Hey folks – Mike Reavey here, live from the situation room. (BTW- “live from the situation room” is a new favorite term ever since our big television debut this week!) I wanted to let you know that we published an advisory on a security issue in COM object, MSDDS.DLL, that when loaded in Internet Explorer could potentially run malicious code a system.

MS05-038 Download Center Updates re-issued.

Wednesday, August 10, 2005

What a crazy 24 hours. We have now re-released MS05-038, the IE bulletin, as version 2.0. We have pushed out the updates to the Download Center with the digital signature issue resolved. If you got your updates from Windows Update, Microsoft Update, WSUS, or SUS yesterday you have nothing to worry about.

Today's Security Updates and bit of a glitch.

Tuesday, August 09, 2005

Much delayed post, but I’m sure some of you probably know or can take a good guess at what is causing my delay today. Not long after we released this morning, we found out that many of the digital signatures on some of the IE updates for MS05-038 were corrupted and were preventing install.

A virus for Windows Vista? Wrong.

Friday, August 05, 2005

Hi everyone, Stephen Toulouse here. There’s been some commentary the past couple of days regarding a potential Windows Vista virus and we wanted to weigh in with some details. First of all, in examining the details of the reports, there is no Windows Vista virus described in them. Instead, the reports are regarding potential proof of concept viruses in the form of malicious scripts that are developed to affect a new interactive shell codenamed “Monad”, which is currently in early phase of beta testing.

Slashdot article incorrect.

Friday, August 05, 2005

An article on Slashdot is saying that Monad was pulled from Windows Vista due to the virus story. This is 100% incorrect. One had nothing to do with the other. Monad is probably going to be a longer term project than Windows Vista, and we didn’t just decide to remove it today or yesterday.

My thoughts about BlackHat 2005 - Viva Las Vegas!

Thursday, August 04, 2005

Hi…. My name is Brian Schafer and I’m a newb to bloggin! <Great, now that I got that out of the way… > Wow! Viva Las Vegas! What an awesome experience! Quite a bit different from Blackhat Seattle I must say! I now have a greater appreciation for the phrase, the “city that never sleeps.

Today's Advance Notification

Thursday, August 04, 2005

Hey folks - Mike Reavey here. Next Tuesday is the 2nd Tuesday of the Month and I wanted to outline what bulletins we expect to release. At the moment we have 6 security bulletins planned for release, the highest severity rating of these is Critical. We’re also continuing to release our Malicious Software Removal tool with updates for additional malware families.

More thoughts from BlackHat 2005.

Wednesday, August 03, 2005

Hello! My name is Debbie Wilcox and I’m a Security Program Manager in the Microsoft Security Response Center (MSRC). I just got back from my very first Black Hat Conference and I have to admit, I was pleasantly surprised. I wasn’t sure what to expect, even though I’d heard stories from various co-workers.

BlackHat Day 2 report!

Friday, July 29, 2005

Hi everyone, Scott Deacon here. This is my first time blogging here! Well my first BlackHat conference is slowly coming to an end (no sessions and one party to go), as a Program Manager in the MSRC I think venturing to Las Vegas and the Blackhat conference has definitely put me in good stead for the coming months, let me tell you a little about the last few days…and why I think this is the case.

Blackhat Day 1 morning report

Wednesday, July 27, 2005

A lot of people wonder why we come to Black Hat. Well the first reason is to meet face to face with security researchers, both those that work with us as well as those who may disagree with us on philosophical points, to show them the MSRC appreaciates the work they do to help us protect our customers.