Skip to main content
MSRC

Month Archives: July 2008

Microsoft Security Bulletin Webcast Q&A - Index Page

Wednesday, July 30, 2008

Below is an index of the Question & Answers from our monthly security bulletin webcast. To find the registration link for the next webcast, please visit the following link: http://www.microsoft.com/technet/security/current.aspx. To view previous webcasts On-Demand, please visit this link: http://www.microsoft.com/events/security/ondemand.mspx** Index: October 2010 - http://blogs.technet.com/b/msrc/p/october-2010-security-bulletin-q-a.aspx September 2010 - http://blogs.technet.com/b/msrc/p/september-2010-security-bulletin-q-a.aspx Out-of-Band (MS10-070) - http://blogs.

Read More

Microsoft Security Bulletin Webcast Q&A - July 2008

Wednesday, July 30, 2008

Hosts: Mike Reavey, Group Security Program Manager Adrian Stone, Microsoft Security Response Center (MSRC) Website: TechNet/security Topic: Information about Microsoft Security Bulletins Date: Wednesday, July 9, 2008 Q: Why was CVE-2008-0951(Windows Vista not properly enforce the NoDriveTypeAutoRun registry value) not listed as a fixed vulnerability in the bulletin for MS08-038? The notice was embedded within the Bulletin FAQ and has been overlooked by many people.

Read More

Microsoft Security Bulletin Webcast Q&A - June 2008

Wednesday, July 30, 2008

Hosts: Christopher Budd, Microsoft Security Response Communications Lead Adrian Stone, Microsoft Security Response Center (MSRC) Website: TechNet/security Topic: Information about Microsoft Security Bulletins Date: Wednesday, June 11, 2008 Q: Was XP SP3 released via AU yesterday? Also where did Microsoft announce this ahead of time? A: No, XP SP3 was not release via AU yesterday.

Read More

Security Bulletin Webcast Questions & Answers

Wednesday, July 30, 2008

Hey everyone, This is Jerry Bryant. I am the Business, Operations & Communications Manager on the Security Response Communications team. I am writing to let you know about a new process we are implementing regarding the questions and answers from our monthly security bulletin webcast. Attendee’s to the webcast ask a lot of great questions concerning the security updates we just released and we have many subject matter experts (SME’s) on hand to answer them.

Read More

Increased Threat for DNS Spoofing Vulnerability

Friday, July 25, 2008

Hi. Bill here. Today we released Microsoft Security Advisory (956187) to warn you of public exploit code available for Microsoft Security Bulletin MS08-037 (Vulnerabilities in DNS Could Allow Spoofing (953230). We have investigated the public exploit code and have determined that customers who have installed Microsoft Security Bulletin MS08-037 are not affected.

Read More

How to parse the .doc file format

Friday, July 18, 2008

This past February, Microsoft publicly released the Office binary file formats specification. These describe how to parse Word, Excel, and PowerPoint files to review or extract the content. Because they describe the structure of these file formats in detail, we think the file format specification will be particularly interesting to ISVs who write detection logic for malware scanners (such as Anti-Virus software).

Read More

Title: A Buddhist Monk Goes Up to a Hot Dog Vendor…

Friday, July 18, 2008

…and says “Make me one with everything.” Aside from that fact that most hot dog vendors don’t carry Tofu Pups, we’re taking this joke seriously for the next iteration of BlueHat, and giving you some attack content as well as talking about proactive defense. Coming this October, the BlueHat team will partner with the SDL team to create two full days of content, the first day focusing on new attacks and the emerging threat horizon, and the second day focusing on steps we can take as software architects, developers, testers, and maintainers to make code more secure in the first place.

Read More