Skip to main content

Month Archives: June 2012

BlueHat Prize: And the finalists are...

Thursday, June 21, 2012

Hello, The judges have finished reviewing the submissions for the first BlueHat Prize contest and the finalists are in! Please visit for details on the three finalists and their entries that mitigate return-oriented programming (ROP). The finalists will collectively be awarded over a quarter million dollars in cash and prizes at the Microsoft Researcher Appreciation Party following the Black Hat briefings in Las Vegas on July 26, 2012.

BlueHat Prize v1.0 Finalists – One of These People Will Win $200,000 (AKA Mad Loot)!

Wednesday, June 20, 2012

Handle: k8e IRL: Katie Moussouris Rank: Senior Security Strategist Lead, Head of Microsoft’s Security Community and Strategy Team Likes: Cool vulns, BlueHat, soldering irons, quantum teleportation Dislikes: Rudeness, socks-n-sandals, licorice When we announced the BlueHat Prize on August 3, 2011, we did something that no major vendor had ever done before – offer a large cash prize for defensive security research.

Further insight into Security Advisory 2719615

Wednesday, June 13, 2012

During our regular Update Tuesday bulletin cycle this week, we released Security Advisory 2719615, which provides guidance concerning a remote code execution issue affecting MSXML Code Services. As part of that Advisory, we’ve built a Fix it workaround that blocks the potential attack vector in Internet Explorer. Fix its are a labor-saving mechanism that helps protect customers from a specific issue in advance of a comprehensive security update.

MSXML: Fix it before fixing it

Wednesday, June 13, 2012

Yesterday, Microsoft has released Security Advisory 2719615, associated to a vulnerability in Microsoft XML Core Services. We want to share more details about the issue and explain the additional workarounds available to help you protect your computers. Information about the vulnerability A vulnerability exists in Microsoft XML Core Services 3.0, 4.