Skip to main content
MSRC

Month Archives: April 2009

AutoRun changes in Windows 7

Tuesday, April 28, 2009

As some of our readers are well aware, Conficker and other malware is taking advantage of the AutoRun functionality as a spreading mechanism. Furthermore, over the last couple of months, there has been a significant increase of this threat, as more malware is abusing this functionality. Further information about this specific threat has been highlighted in the recent Security Intelligence Report (look for Win32/AutoRun) and the Microsoft Malware Protection Center (MMPC) blog.

Changes in Windows to Meet Changes in Threat Landscape

Tuesday, April 28, 2009

Customers have heard us say over the years that the threat environment is an ever-evolving one. That means that one of our jobs in working to keep customers safe is to continually monitor the threat environment and make changes to adapt to it. Today, we’re announcing modifications in Windows that adapts to recent changes in the threat environment.

Security Bulletin Webcast Questions and Answers - April 2009

Monday, April 20, 2009

Hi, During this month’s webcast we were able to address 15 questions in the time allotted, but have included the additional questions asked in this QA post. Most of the questions centered on the MS09-013: the Windows HTTP bulletin, MS09-014: Internet Explorer Bulletin, and MS08-015, the Blended Threat bulletin. We did address additional questions regarding the other bulletins, as well as, questions concerning Product Support Lifecycle.

April 2009 Security Bulletin Webcast Video

Thursday, April 16, 2009

Hello again, This is Jerry Bryant letting you know that we have published the security bulletin webcast video. As you know, on Tuesday, we published a quick overview of the 8 bulletins we released on that day. Yesterday we conducted a live, public webcast, where we went in to more detail on each bulletin.

MIDI PoC not exploitable for code execution

Thursday, April 16, 2009

On Wednesday, a PoC was posted to milw0rm describing an “integer overflow” in Windows Media Player. We investigated the .mid file and found it to be a duplicate of a non-exploitable crash previously posted publicly on Bugtraq around Christmas, four months ago. We blogged about this same issue here: http://blogs.technet.com/srd/archive/2008/12/29/windows-media-player-crash-not-exploitable-for-code-execution.aspx