MSRC

2009

Dune Busting and Browser Fun at HITB – Dubai

Wednesday, May 13, 2009

Hi, Billy Rios here. I was recently invited to speak at Hack in the Box (HITB) in Dubai. While at HITB, I participated in two different talks, but I’m going to focus on the talk Chris Evans and I co-presented: “Cross Domain Leakiness.” Chris Evans is a security lead for Google’s Core Security team.

Hack in the Box, and beyond…

Wednesday, May 13, 2009

Handle: EcoStrat’s All-Stars
IRL: TwC Security All-Star Guest Bloggers
Likes: Security, Vulnerability Research & Science, Defense and Responsible Disclosure
Dislikes: 0-day, FUD

Marhaban! Maarten Van Horenbeeck here from the Microsoft Security Response Center (MSRC). This is the first time I have blogged here on EcoStrat. As a Security Program Manager with MSRC, one of the roles I have is to work with security researchers, and this often involves attending security conferences to meet with you.

May 2009 Bulletin Release

Tuesday, May 12, 2009

Summary of Microsoft’s monthly security bulletin release for May 2009. Today we released one security bulletin, MS09-017, affecting our PowerPoint products. This update addresses several vulnerabilities including the issue described in Microsoft Security Advisory 969136. In that advisory, we noted that we were aware of limited, targeted attacks. The security of our customers is important to us and due to these active attacks, we have released the updates for one product line (all versions of Microsoft Office for Windows) so that the majority of our customers can protect their systems.

MS09-017: An out-of-the-ordinary PowerPoint security update

Tuesday, May 12, 2009

Security update MS09-017 addresses the PowerPoint (PPT) zero-day vulnerability that has recently been used in targeted attacks. We issued security advisory 969136 with workarounds on April 2nd after we first saw the exploits in-the-wild abusing this vulnerability. We also published an SRD blog entry describing how to analyze exploits and an MMPC blog entry with more details about the exploits we had seen.

Capt I.M. Hardened OS-Microsoft

Friday, May 08, 2009

Handle: Cap’n Steve
IRL: Steve Adegbite
Rank: Senior Security Program Manager Lead
Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard
Dislikes: Not much but if you hear me growl…run

Hey, Steve here. Just finally settling back in after traveling a bit, meeting up with different parts of the security ecosystem.

May 2009 Advance Notification

Thursday, May 07, 2009

Summary of the May 2009 Advance Notification for the 5/12/2009 security bulletin release. Today we are letting customers know that next week we will be releasing one security bulletin affecting Microsoft Office PowerPoint with an aggregate severity rating of critical. Customers should review the Advance Notification and prepare appropriately for deployment.

AutoRun changes in Windows 7

Tuesday, April 28, 2009

As some of our readers are well aware, Conficker and other malware are taking advantage of the AutoRun functionality as a spreading mechanism. Furthermore, over the last couple of months, there has been a significant increase in this threat, as more malware is abusing this functionality. Further information about this specific threat has been highlighted in the recent Security Intelligence Report (look for Win32/AutoRun) and the Microsoft Malware Protection Center (MMPC) blog.