Skip to main content
MSRC

2011

BlueHat Prize Q&A with Katie Moussouris

Wednesday, August 10, 2011

Hi everyone, Black Hat this year was really great. We spent a lot of time talking to people and getting new perspectives on the security landscape and of course, we announced the BlueHat Prize contest. The reaction to the contest was outstanding. In fact, within the first 24 hours, we had already received a few submissions and a bunch of questions indicating a lot of interest in winning the $200,000 grand prize.

Read More

A live BlueHat Prize webcast and the August 2011 security updates

Tuesday, August 09, 2011

Hello all. It has been very nearly a week since our BlueHat Prize contest announcement at Black Hat. Now that everyone’s had some time to digest the basics, we’ve asked Senior Security Strategist and chief BlueHat Prize architect Katie Moussouris to stop by the Trustworthy Computing studio today at 11 a.

Read More

Assessing the risk of the August security updates

Tuesday, August 09, 2011

Today we released 13 security bulletins. Two have a maximum severity rating of Critical, nine have a maximum severity rating of Important, and two have a maximum severity rating of Moderate. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Likely first 30 days impact Platform mitigations and key notes MS11-057 (IE) Victim browses to a malicious webpage.

Read More

Vulnerabilities in DNS Server Could Allow Remote Code Execution

Tuesday, August 09, 2011

Today we released MS11-058 to address two vulnerabilities in the Microsoft DNS Service. One of the two issues, CVE-2011-1966, could potentially allow an attacker who successfully exploited the vulnerability to run arbitrary code on Windows Server 2008 and Windows Server 2008 R2 DNS servers having a particular DNS configuration. We’d like to share more detail in this blog post and help you make a risk decision for your environment.

Read More

Advance Notification Service for the August 2011 Bulletin Release

Wednesday, August 03, 2011

Hello all. Before we look at next week’s bulletin release, we’d like to recommend – for those of you who missed it in the run-up to this year’s Black Hat conference – the third annual Microsoft Security Response Center Progress Report. Every year around this time, we look back at the progress our key security programs have made.

Read More