Skip to main content

Month Archives: June 2008

Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates

Monday, June 30, 2008

Hi. Bill here. I want to let you know that we have just posted Microsoft Security Advisory 954960, which contains information regarding deployment Issues with Microsoft Windows Server Update Services (WSUS) version 3.0 and 3.0 Service Pack 1. Under specific conditions, the issue does not let clients detect any updates from a WSUS server on systems with Microsoft Office 2003 installed.

News from FIRST 2008: Driving Security Response Excellence and Innovation

Thursday, June 26, 2008

Hi, Andrew here, Often, when you see me blogging, I’m talking about the important work we do with the researcher community. However, in addition to work with researchers, we’re always looking for ways to foster work with others in the industry and share best practices. As I sit here today at the annual FIRST Conference and think about the future of security response, I’m excited to tell you about ICASI (Industry Consortium for the Advancement of Security on the Internet), a new non-profit organization that will enhance global IT security by proactively driving excellence and innovation in security response.

New tools to block and eradicate SQL injection

Tuesday, June 24, 2008

The MSRC released an advisory today that discusses the recent SQL injection attacks and announces three new tools to help identify and block these types of vulnerabilities. The advisory discusses the new tools, the purpose of each, and the way each complements the others. The goal of this blog post is to help you identify the best tool to use depending on your role (i.

SQL Injection Attacks Exploiting Unverified User Data Input

Tuesday, June 24, 2008

Hey Andrew Cushman here. Today I’m pleased to announce the coordinated release of three security tools in Security Advisory 954462 to help customers deal with SQL injection attacks: · UrlScan version 3.0 Beta, a security tool that restricts the types of HTTP requests that Internet Information Services (IIS) will process. By blocking specific HTTP requests, the UrlScan helps prevent potentially harmful requests.

Blue Hawaii

Thursday, June 19, 2008

After a whirlwind trip to beautiful Honolulu, Hawaii to give the Day 2 keynote at ShakaCon, I am finally back to reality here at Microsoft. More on that shortly, from another blog… Right here, right now, BlueHat video interviews with the speakers are available. From “Bad Sushi: Beating Phishers at Their Own Game” with our own Billy Rios to “Token Kidnapping” with Cesar Cerrudo of Argeniss – get an exclusive sneak peek into what really happened at BlueHat v7.