Tuesday, March 02, 2010
Hi, I am writing to let you know that we have revised the installation packages for MS10-015 with new logic that prevents the security update from being installed on systems if certain abnormal conditions exist. Such conditions could be the result of an infection with a computer virus such as the Alureon rootkit.
Monday, March 01, 2010
The MSRC Engineering team has been investigating reports of a vulnerability involving the use of VBScript and Windows Help files. What is the impact and affected platforms? Our investigation has determined that Windows 7, Windows Server 2008, and Windows Vista are not impacted. Only Windows 2000 and Windows XP are impacted by default.
Monday, March 01, 2010
Hello again, Today we released Security Advisory 981169 to address the VBScript issue involving Windows Help files that we blogged about yesterday. To reiterate what we said in that post, we are not aware of any active attacks at this time and the following operating systems are not affected by this issue: Windows 7, Windows Server 2008 R2, Windows Server 2008, and Windows Vista.
Sunday, February 28, 2010
Hi everyone, On Friday 2/26/2010, an issue was posted publicly that could allow an attacker to host a maliciously crafted web page and run arbitrary code if they could convince a user to visit the web page and then get them to press the F1 key in response to a pop up dialog box.
Thursday, February 25, 2010
Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns As you may know, the Microsoft Security Response Center (MSRC) EcoStrat blog has served to inform Microsoft customers, security professionals, IT Pros, and developers of the MSRC Ecosystem Strategy Team’s activities.
Wednesday, February 24, 2010
Hi all, I’m Lars Opstad, an engineering manager in the MSEC Science group supporting the SDL within Microsoft. I wanted to share with you some of the ways that we are improving our internal security practices, specifically in the area of file fuzzing. Many fuzzers take a good file (template) as a starting point for creating malformed content.
Tuesday, February 23, 2010
小野寺です。 2010 年 6 月分までを公開していた、セキュリティ情報公開予定日一覧ですが、更新して、2010 年
Thursday, February 18, 2010
Handle: Avatar IRL: Karl Hanmore Rank: Senior Security Strategist (aka Sergeant Grunt) Likes: Getting the job done, bringing the fight to the bad guys, good single malt whiskey Dislikes: Cowards, talkers not doers, red tape, humidity Handle: Mando Picker IRL: Dustin Childs Rank: Security Program Manager Likes: Protecting customers, working with security researchers, second Tuesdays, bourbon, mandolins
Wednesday, February 17, 2010
小野寺です。 「MS10-015 で再起動やブルースクリーンが発生する件について」の続報を再度お伝えしま
Wednesday, February 17, 2010
Hi, We wanted to provide you with an update on our ongoing investigation into the “blue screen” issues affecting a limited number of customers who installed MS10-015. We have been working around the clock with our customers, partners and several teams at Microsoft to determine the cause of these issues. Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit.
