Month Archives: October 2008

Microsoft Security E-mail Spoofs with Malware

Monday, October 13, 2008

Hi, this is Christopher Budd. We received some questions from customers about an e-mail that’s circulating that claims to be a security e-mail from Microsoft. The e-mail comes with an attached executable, which it claims is the latest security update, and encourages the recipient to run the attached executable so they can be safe.

Questions about Microsoft Security Advisory 951306

Monday, October 13, 2008

I’m Dustin, a Security Program Manager in the Microsoft Security Response Center (MSRC). We have received a few questions regarding a public issue and we wanted to update you on the status of how we plan to address it. The issue revolves around Security Advisory 951306. We originally posted this advisory in March as a result of an issue discussed publicly that described a method of using system tokens to elevate privileges on Windows XP and 2003 systems.

Service isolation explanation

Monday, October 13, 2008

The past few days, we have had service isolation on our minds here in Redmond after the POC code posting last week from Cesar Cerrudo. Nazim Lala from the IIS team posted a great blog entry about the fix and why it is taking so long to release it. I expect it to be close to the amount of code churn as XP SP2.

October 2008 Advanced Notification

Thursday, October 09, 2008

Hello, Bill here. I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, Oct. 14, 2008 around 10 a.m. Pacific Standard Time. It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.

Update 1: Microsoft Security Advisory 951306

Thursday, October 09, 2008

Hello, Bill here. I wanted to let you know that we have just updated Microsoft Security Advisory (951306). Exploit code has been published on the Internet for the vulnerability addressed by this Advisory. Our investigation has shown that it does not affect customers who have applied the workarounds listed in the Advisory.

BlueHat Special, Aisle 8…

Tuesday, October 07, 2008

Handle: C-Lizzle
IRL: Celene Temkin
Rank: BlueHat Project Manager
Likes: Culinary warfare, BlueHat hackers and responsible disclosure
Dislikes: Acts of hubris, MySpace, orange mocha Frappuccinos!

Hopefully by now you’ve seen the lead in to BlueHat v8 blog post, the official announcement post, and perused the spiffy, revamped BlueHat page. I’m truly amazed to see how the content has shaped up as we approach the final countdown to BlueHat v8: C3P0wned on October 16-17.

Visualizing Software Security

Monday, October 06, 2008

Working to find bugs in the software security industry is much like prospecting for natural resources. An engineer takes a high level view of an unknown piece of territory to determine the lay of the land and narrow down the geography into a few key locations of interest using intuition, experience, and macro-scale information.