Skip to main content
MSRC

Month Archives: August 2011

Microsoft Releases Security Advisory 2607712

Monday, August 29, 2011

Today we’re releasing Security Advisory 2607712, to address at least one fraudulent digital certificate issued by DigiNotar, a root certificate authority. DigiNotar has since revoked the digital certificate. This is not a Microsoft security vulnerability; however, the certificate potentially affects Internet users attempting to access websites belonging to Google. A fraudulent certificate may be used to spoof Web content, perform phishing attacks or perform man-in-the-middle attacks against end users.

Q&A From the August 2011 Security Bulletin Webcast

Thursday, August 11, 2011

Hello, Today we published the August Security Bulletin Webcast Questions & Answers page. We fielded six questions on various topics during the webcast, including bulletins released and the Malicious Software Removal Tool. There was one question that we were unable to answer during the webcast due to time constraints, and we have included all questions and answers on the Q&A page.

BlueHat Prize Q&A with Katie Moussouris

Wednesday, August 10, 2011

Hi everyone, Black Hat this year was really great. We spent a lot of time talking to people and getting new perspectives on the security landscape and of course, we announced the BlueHat Prize contest. The reaction to the contest was outstanding. In fact, within the first 24 hours, we had already received a few submissions and a bunch of questions indicating a lot of interest in winning the $200,000 grand prize.

A live BlueHat Prize webcast and the August 2011 security updates

Tuesday, August 09, 2011

Hello all. It has been very nearly a week since our BlueHat Prize contest announcement at Black Hat. Now that everyone’s had some time to digest the basics, we’ve asked Senior Security Strategist and chief BlueHat Prize architect Katie Moussouris to stop by the Trustworthy Computing studio today at 11 a.

Assessing the risk of the August security updates

Tuesday, August 09, 2011

Today we released 13 security bulletins. Two have a maximum severity rating of Critical, nine have a maximum severity rating of Important, and two have a maximum severity rating of Moderate. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Likely first 30 days impact Platform mitigations and key notes MS11-057 (IE) Victim browses to a malicious webpage.