Skip to main content
MSRC

2010

Advance Notification Service for November 2010 Bulletins

Thursday, November 04, 2010

Hello. We’ve issued our Advance Notification Service for the November ’10 security bulletin release. This time around we’re releasing three updates addressing 11 vulnerabilities in Microsoft Office and Unified Access Gateway (UAG). One bulletin carries a Critical severity rating; the other two are rated Important. When customers buy Microsoft software, it includes high-quality security updates to be provided via predictable monthly bulletin releases, helping to protect their computing experience over time.

Read More

Hack.lu: Why it’s all about building bridges

Thursday, November 04, 2010

Handle: Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of crypto breaking, warm vodka martni “We want to remain what we are” (“Mir wëlle bleiwe wat mir sinn”) is the national motto of the Grand Duchy of Luxembourg.

Read More

DEP, EMET protect against attacks on the latest Internet Explorer vulnerability

Wednesday, November 03, 2010

Today we released Security Advisory 2458511notifying customers of limited attacks leveraging an Internet Explorer vulnerability. The beta version of Internet Explorer 9 is not affected while Internet Explorer 6, 7, and 8 are affected. So far the attacks we have seen only target Internet Explorer versions 6 and 7 on Windows XP.

Read More

Getting Into Information Security Intelligence Gathering: A BlueHat v10 Retrospective from Speakers Ian Iftach Amit and Fyodor Yarochkin

Tuesday, November 02, 2010

Ian: Having a mild case of “professional ADHD” is probably what got me started on this whole “cyber” thing. Having done research, development, integration and consulting in the past, I was starting to get too many unanswered questions in my mind when dealing with customers and individuals who were being compromised left and right.

Read More

Microsoft Releases Security Advisory 2458511

Tuesday, November 02, 2010

Hi everyone, Today we released Security Advisory 2458511 to address a new vulnerability that could impact Internet Explorer users if they visit a website hosting malicious code. As of now, the impact of this vulnerability is extremely limited and we are not aware of any affected customers. The exploit code was discovered on a single website which is no longer hosting the malicious code.

Read More

Q&A from the October 2010 Security Bulletin Webcast

Monday, October 18, 2010

Hello, Today we published the October 2010 Security Bulleting webcast Questions & Answers page. The October release included 16 security updates, four rated Critical, ten rated Important, and two rated Moderate to address 49 vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft Internet Explorer, and Microsoft .NET Framework. We invite our customers to join us for the next public webcast on Wednesday, November 10 @11AM PST when we will go into detail about the November bulletin release and answer questions live on the air.

Read More

Something Old, Something New, True Blue

Friday, October 15, 2010

This year marks the tenth BlueHat at Microsoft, and my sixth round in participating in the event that has been so instrumental in keeping Microsoft developers and executives in touch with the pulse of security research outside Microsoft, and serves as one of the key crossroads for the exchange of ideas from our internal security experts to the outside world.

Read More