Friday, April 27, 2007
Hello everyone, This is Christopher Budd. We’ve not seen any new developments in the DNS situation but I wanted to go ahead and take a minute to recap the current situation so everyone is up-to-date. Also, I wanted to call out some information for your deployment planning to help expedite the deployment of the security update for this issue when we release it.
Thursday, April 26, 2007
Hi everyone this is Adrian Stone. One question that I still get regularly on the .ANI case that was part of the MS07-017 bulletin by many people outside of Microsoft is “After all the work Microsoft did leveraging the Security Development Lifecycle, why didn’t it help catch this vulnerability in Windows Vista?
Sunday, April 22, 2007
Hello everyone, This is Christopher Budd. I wanted to take a moment and provide a brief update on the situation from our work over the weekend. As of tonight, the situation remains unchanged. Our teams are continuing to work on developing and testing updates for this issue, and our ongoing monitoring of the situation shows that attacks are still not widespread.
Friday, April 20, 2007
Hi everyone. Jonathan from the SWI team here. Christopher asked me to write a guest blog entry introducing and providing some background on a new KB article that we published a few minutes ago. We have seen lots of activity in the security community about the registry key workaround we published in Security Advisory 935964.
Thursday, April 19, 2007
Hi Everyone, This is Mark Miller. For those who may not know, I’ve been the Director of Security Response Communications since October of last year. I wanted to let you all know that we have implemented a new Windows Live Alert for postings to this blog. These alerts are delivered to your email inbox, SMS and/or instant messaging and will let you know that we’ve posted something here.
Thursday, April 19, 2007
Hello everyone, This is Christopher Budd. I wanted to let you know that we’ve made a revision to our security advisory to provide some additional details and clarifications. First, though, I wanted to let you know that the situation has not changed. Our teams are continuing to work on developing and testing updates for this issue, and our ongoing monitoring of the situation shows that attacks are still not widespread.
Wednesday, April 18, 2007
Hello, This is Christopher Budd. I wanted to let you know about two updates we’ve made as part of our regular process to Knowledge Base article 925902. These discuss new known issues a small number of customers have encountered with MS07-017. First, we’ve added BMC PATROL 7.1 (now called Performance Manager, by BMC Software, Inc) to the list of applications affected by the issue discussed in Knowledge Base article 935448.
Tuesday, April 17, 2007
Hello everyone, This is Christopher Budd. I wanted to give you the latest information from our monitoring of the new attack we mentioned yesterday. I also wanted to address questions we’ve gotten from customers about when we think we’ll have updates ready to address this issue. We have been monitoring the situation overnight and working with our Microsoft Security Response Alliance (MSRA) partners and attacks are still not widespread.
Monday, April 16, 2007
Hello everyone, this is Christopher Budd. I wanted very quickly to update you with some new, important, information that we have on this situation. Our ongoing monitoring in conjunction with our MSRA partners indicates that we are seeing a new attack that is attempting to exploit this vulnerability. At this time, the attack does not appear widespread.
Sunday, April 15, 2007
Hello everyone, This is Christopher Budd. I wanted to give you a brief update with the latest information on the situation from our ongoing work over the weekend. Our teams are continuing their work to develop a security update to address this issue. Our ongoing monitoring of attacks in conjunction with our MSRA partners indicates that attacks are still limited.
