Tuesday, December 30, 2008
Hi everyone. This is Maarten Van Horenbeeck. I just joined the Microsoft Security Response Center a few months ago, and am the program manager working on the issue described in Microsoft Security Advisory (961509), which we just released. Earlier today, two researchers presented at a security conference on a novel way of implementing collision attacks on digital certificates signed using the MD5 algorithm.
Tuesday, December 30, 2008
Today Microsoft released a security advisory (961509) regarding collisions in MD5 hashes on certificates. This specific problem affects the entire industry and is not a Microsoft specific vulnerability. Serious weaknesses in MD5 have been known for many years now; it is because of these weaknesses that MD5 is banned in new code under the Microsoft Security Development Lifecycle (SDL).
Monday, December 29, 2008
Happy holidays to everyone. While it’s been a snowy holiday season for us in the Pacific Northwest (some of us are still snowed in), the MSRC never closes and we are always working to help keep customers safe. In that vein, we’ve received some questions about a vulnerability report that was initially posted late on Christmas eve.
Monday, December 29, 2008
On Christmas Day, the MSRC opened a case tracking a Bugtraq-posted POC describing a “malformed WAV,SND,MID file which can lead to a remote integer overflow”. By Saturday evening, we saw reputable internet sources claiming this bug could lead to executing arbitrary code on the system. We investigated right away and found that this bug cannot be leveraged for arbitrary code execution.
Tuesday, December 23, 2008
Hello, Bill here, I want to provide you with a quick update regarding our recently released security advisory. In the advisory we provide a workaround to help customers protect themselves from attackers trying to exploit this vulnerability. Customers have told us that it’s helpful when we provide information and guidance on how to automate the deployment of workarounds, so we have taken this a step further and worked with the SQL Engineering Team to providing Enterprise and Business Users a script that applies the workaround on all running instances of SQL Server on the local computer.
Monday, December 22, 2008
Hello, Bill here, I wanted to let you know that we have just posted Microsoft Security Advisory (961040). This advisory contains information regarding public reports of a vulnerability in SQL Server that could allow for remote code execution. We are aware that exploit code has been published on the Internet; however, we are not aware of any attacks attempting to use the reported vulnerability.
Monday, December 22, 2008
Security Advisory 961040 provides mitigations and workarounds for a newly-public post-authentication heap buffer overrun in SQL Server, MSDE, and SQL Express. This blog post goes into more detail about the attack surface for each affected version and the overall risk from this vulnerability. As listed in the advisory, the following products have the vulnerable code:
Thursday, December 18, 2008
小野寺です。 Internet Explorer のセキュリティ更新プログラムは既に適用済みでしょうか? 「実は、まだ・・・」という方は
Wednesday, December 17, 2008
小野寺です。 先日お伝えしたとおり、本日 Internet Explorer の脆弱性に対処するセキュリティ更新プログラムの提供を開始し
Wednesday, December 17, 2008
Hello, Mike here, Today we released security update MS08-078, protecting customers from active attacks against Internet Explorer. This update will be applied automatically to hundreds of millions of customers through automatic updates over the next few days. And, for our enterprise customers - with multiple systems within their networks – this update can be deployed through all standard security update management systems including, SCCM, SMS, WSUS, and Windows Update as of 10AM PST today.
