Security WARS: a long time ago in a network far, far away...
Friday, August 28, 2009
小野寺です。 情報戦争が、また新たに始まったとかそういう話ではありません。 先日、セキュリティ ニュース レ
Month Archives: August 2009
自動実行(自動再生/AutoPlay/Autorun)の動作変更
Friday, August 28, 2009
小野寺です。 先日、セキュリティ アドバイザリ 967940を更新して、自動実行の動作を変更する更新プログ
August 2009 Security Bulletin Webcast Video and Customer Q and A
Friday, August 14, 2009
As we do every month on the Wednesday following our standard second Tuesday security bulletin release, we conducted a live webcast where Adrian Stone and myself went through the bulletins in detail and then answered customer questions with the help of several subject matter experts (SMEs). It is apparent that there is still a bit of confusion around the Active Template Library (ATL) issue and how current updates relate to work we have already done to provide mitigations, protections and guidance to customers.
Monthly Security Bulletin Webcast Q&A - August 2009
Thursday, August 13, 2009
Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Senior Security Program Manager Lead Website: TechNet/security Chat Topic: August 2009 Security Bulletin Date: Wednesday, August 11, 2009** Q: Regarding the re-release of MS09-029. Why it was re-released? Is it recommended to install? A: This update was re-released to correct an issue affecting the print spooler in certain circumstances.
2009年8月12日のセキュリティ情報
Tuesday, August 11, 2009
小野寺です 事前通知でお伝えした通り、セキュリティ情報 計 9 件 (緊急 5 件, 重要 4 件)を公開しました。 また
2009年8月のワンポイントセキュリティ
Tuesday, August 11, 2009
小野寺です。 8 月のワンポイント セキュリティ情報を公開しました。 事前通知の際にお知らせした通り、今月か
August 2009 Bulletin Release
Tuesday, August 11, 2009
Summary of Microsoft’s Security Bulletin Release for August 2009 Hi everyone, This month, we released nine security bulletins. Five of those are rated Critical and four have an aggregate severity rating of Important. Of the nine updates, eight affect Windows and the last one affects Office Web Components (OWC). It is also important to note that five of the six critical updates also have an Exploitability Index rating of “1” which means that we could expect there to be consistent, reliable code in the wild seeking to exploit one or more of these vulnerabilities within the first 30 days from release.
MS09-036: ASP.NET Denial-of-Service vulnerability
Tuesday, August 11, 2009
We have released MS09-036 to address an anonymous denial of service (DoS) vulnerability in ASP.NET. We’d like to go into more detail in this blog to help you understand: Which configurations are at risk? What could happen if my configuration is impacted? How can I protect myself? Which configurations are at risk?
MS09-037: Why we are using CVE's already used in MS09-035
Tuesday, August 11, 2009
MS09-035 was released July 28 to address vulnerabilities in the Visual Studio Active Template Library (ATL). A related security update, MS09-034, included a defense-in-depth Internet Explorer mitigation to help protect against attacks in vulnerable components. This morning, we released security bulletin MS09-037 to addresses the ATL vulnerabilities in several Windows components.
MS09-039: More information about the WINS security bulletin
Tuesday, August 11, 2009
This morning, we released security update MS09-039 addressing vulnerabilities in the Microsoft Windows Internet Name Service (WINS). In this blog post, we’d like to help you understand the following: What is the risk of this vulnerability? Why is it rated Critical? What is Microsoft doing to prevent a “WINS worm?” What you can do to protect your environment?