Skip to main content

Month Archives: May 2010

Office Security Engineering: BlueHat v9 Presentation Revisited

Friday, May 21, 2010

Hi, this is Tom Gallagher from the Office Trustworthy Computing team. At Blue Hat v9, David Conger and I presented some of the security engineering work that we were doing to help ensure the security of Office 2010. We don’t want a single bug in our parsing code to allow arbitrary code to harm a customer’s machine by doing things like installing a rootkit.

Strengthening the Security Cooperation Program

Tuesday, May 18, 2010

Handle: Cap’n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run G’day Mate! I have always wanted to say that. I am here at the AusCERT 2010 conference in the beautiful Gold coast, Australia.

May 2010 Security Bulletin Webcast

Friday, May 14, 2010

Hi everyone, Today we posted the questions and answers from this month’s security bulletin webcast. There were a few questions but overall, the webcast was pretty quick with only two bulletins. For the June bulletin release, our webcast will be on Wednesday June 9, 2010 at 11:00 a.m. PDT (UTC -7).

Monthly Security Bulletin Webcast Q&A - May 2010

Friday, May 14, 2010

Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Group Manager, Response Communications Website: TechNet/security Chat Topic: May 2010 Security Bulletin Release Date: Wednesday, May 12, 2010 Q: Is Outlook Express installed by default in a Windows 2003 installation? A: Outlook Express was included as an in-box component of Windows Server 2003.

May 2010 Security Bulletin Release

Tuesday, May 11, 2010

Hello Everybody- Today are releasing two security bulletins, MS10-030 and MS10-031 to address two vulnerabilities in Windows and Microsoft Office, both rated Critical. As always, we recommend that customers test and deploy both security updates as soon as possible. MS10-030 is a Windows-based update resolving one vulnerability affecting Outlook Express, Windows Mail and Windows Live Mail.

MS10-030: Malicious Mail server vulnerability

Tuesday, May 11, 2010

Today we released the fix for CVE-2010-0816 in MS10-030. This vulnerability affects Outlook Express, Windows Mail, and Windows Live Mail. We recommend that you install the update as soon as possible, but realize that some customers may need to prioritize which updates they install first. While the vulnerability is rated critical, many customers may not be affected by it.