Friday, May 30, 2008
Hi, This is Tim Rains. Very quickly, I wanted to let you know that we’ve just posted Microsoft Security Advisory 953818. This security advisory talks about new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari web browser for Windows has been installed.
Thursday, May 29, 2008
(Special thanks to Neil Carpenter for helping out on this blog post) Recent Trends Beginning late last year, a number of websites were defaced to include malicious HTML <script> tags in text that was stored in a SQL database and used to generate dynamic web pages. These attacks began to accelerate in the first quarter of 2008 and are continuing to affect vulnerable web applications.
Monday, May 26, 2008
小野寺です。 MBSA (Microsoft Baseline Security Analizer)が久しぶりにバージョンアップして、2.1 となりました。 前回、2
Wednesday, May 14, 2008
小野寺です。 5 月のワンポイントセキュリティを公開しました。 Video: Security Updates This Month - May 2008 soapbox 版ではない、フルサイズ版
Tuesday, May 13, 2008
小野寺です 今月は、事前通知でお伝えしていたとおり 計 4 件 (緊急 3 件, 警告 1 件)を公開しました。 加えて、
Tuesday, May 13, 2008
This is Tami Gallupe, MSRC Release Manager, and I want to let you know that we just posted our May 2008 Bulletins. We released four bulletins today, which include three bulletins with severity rating of critical and one with the severity rating of moderate. We also re-released MS06-069 to add XP SP3 as an affected version.
Tuesday, May 13, 2008
This month we released an update for Microsoft Word that fixed issues relating to loading RTF files (CVE-2008-1091) and HTML files (CVE-2008-1434). Office applications like Microsoft Word can load a large variety of different file formats, and some people may want to reduce their attack surface by disabling the formats they don’t typically use.
Friday, May 09, 2008
Hi, Charlie Miller here. I was asked to come out to BlueHat to participate in a panel discussion about the vulnerability economy and selling exploits and such. Hopefully the folks who sat through us arguing for an hour got something out of it. I enjoyed it. When I’m not out shining a light onto the dark world of exploit sales, I’m usually spending my time looking for bugs in software, particularly with fuzzers.
Thursday, May 08, 2008
小野寺です。 今月は、計 4 件 (緊急 3 件, 警告 1 件) の公開を予定しています。 リリース日は、週明け水曜日 (05/14)
Thursday, May 08, 2008
Hello, Bill here. I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, May 13, 2008 around 10 a.m. Pacific Standard Time. It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.
