Monday, July 27, 2009
Handle: The Crushman IRL: Andrew Cushman Rank: Security Director Likes: Cranberry juice (thanks Jay!) Dislikes: Super helpful hotel desk clerks (thanks Raoul?) OMG it’s great to be back in Vegas again – the shows, the shopping, the nightlife, and let’s not forget the talks at Black Hat, the old and new friends, the excitement and the drama.
Monday, July 27, 2009
When complex security issues that affect multiple vendors arise, calling them “challenging” is an understatement. We created the Microsoft Vulnerability Research Program (MSVR) to meet those challenges, learn from those experiences and strengthen the ties of our community of defenders across the industry in the process. As the state of software security matures beyond straightforward issues such as buffer overflows and elevation of privilege, we are working diligently towards a new level of cross-industry collaboration on a scale never seen before.
Sunday, July 26, 2009
Handle: Cap’n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run Hey! It’s that time of year again for all of us to pack up and head out to the desert to reconnect, discuss, and plan for the future, or at least what we think will be the future of security.
Friday, July 24, 2009
We have just published our advance notification for an out-of-band security bulletin release, with a target of 10:00 AM Pacific Time next Tuesday, July 28, 2009. While this release is to address a single, overall issue, in order to provide the broadest protections possible to customers, we’ll be releasing two separate security bulletins:
Friday, July 24, 2009
Handle: EcoStrat’s All-Stars IRL: TwC Security All-Star Guest Bloggers Likes: Security, Vulnerability Research & Science, Defense and Responsible Disclosure Dislikes: 0-day, FUD Take a gander as Billy Rios, Security Engineer, Business Online Services, and Bryan Sullivan, Senior Security Program Manager, Secure Development Lifecycle (SDL), discuss their experiences with the security community both inside and outside of Microsoft.
Thursday, July 23, 2009
小野寺です。 7 月 15 日に、月例のセキュリティ リリースを行いましたが、それとは別に 7 月 29 日に定例外でセキ
Wednesday, July 22, 2009
** Handle:** Security Blanki IRL: Sarah Blankinship Rank: Senior Security Strategist Lead Likes: Vuln wrangling, teams of rivals, global climate change - the hotter the better Dislikes: Slack jawed gawkers (girls are geeks too!), customers @ risk, egos This week our team is preparing to travel to Black Hat USA in Las Vegas Nevada, a hotspot (literally and figuratively), and one of the largest gatherings of security professionals in the world.
Wednesday, July 22, 2009
Handle: EcoStrat’s All-Stars IRL: TwC Security All-Star Guest Bloggers Likes: Security, Vulnerability Research & Science, Defense and Responsible Disclosure Dislikes: 0-day, FUD As mentioned in Sarah’s Black Hat post, we’re profiling some of our own internal security members and sharing their perspectives around Microsoft’s engagement in the security community. Maarten Van Horenbeeck, Security Program Manager, Microsoft Security Response Center (MSRC) and Katie Moussouris, Senior Security Strategist, Secure Development Lifecycle (SDL), answer the following two questions:
Friday, July 17, 2009
Handle: Cap’n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run Konnichiwa! I guess you are wondering
Wednesday, July 15, 2009
Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Senior Security Program Manager Lead Website: TechNet/security Chat Topic: July 2009 Security Bulletin Date: Wednesday, July 15, 2009 Q: How is Fix-It different from a security bulletin? A: A Fix-It will automatically apply a workaround to address a particular issue. A bulletin provides a comprehensive update to address the root cause of vulnerability.
