Skip to main content
MSRC

Month Archives: July 2012

Security Advisory 2737111 released

Tuesday, July 24, 2012

Hello – Today we published Security Advisory 2737111, which provides mitigations and workarounds that will help protect customers from a known vulnerability in one of Oracle’s Outside In libraries, which were updated earlier this month. Microsoft licenses the libraries from Oracle and uses them in Microsoft Exchange Server 2007, Microsoft Exchange Server 2010, and FAST Search Server 2010 for SharePoint.

The BlueHat Prize finalists, in their own words

Tuesday, July 24, 2012

In a little less than 24 hours, we will award $200,000 to Jared DeMott, Ivan Fratric, or Vasilis Pappas as we name the inaugural winner of the BlueHat Prize – and we’ll award more than $50,000 for the two runners-up. As excitement builds towards that announcement, I was fortunate enough to sit down with each finalist and get to know them a little bit better.

Countdown to the BlueHat Prize announcement and a chance for you to win $5000

Monday, July 16, 2012

Hello, To mark the start of the 10-day countdown to the BlueHat Prize award ceremony, the MSRC Ecosystem Strategy Team is announcing the BlueHat Prize Question Sweepstakes that will give you a chance to win $5,000 at Black Hat this year! Be sure to check out the official announcement here and the official rules here to see how your input could help us shape a future BlueHat Prize contest.

The BlueHat Prize Survey at BlackHat – Submit Security Defense Questions for a Chance to Win $5000

Sunday, July 15, 2012

Handle: k8e IRL: Katie Moussouris Rank: Senior Security Strategist Lead, Head of Microsoft’s Security Community and Strategy Team Likes: Cool vulns, BlueHat, soldering irons, quantum teleportation Dislikes: Rudeness, socks-n-sandals, licorice As we inch closer to Black Hat in Vegas this year, we wanted to kick off the ten-day countdown to our first BlueHat Prize contest winners’ announcement with an invitation to those attending Black Hat.

July 2012 Security Bulletin Webcast, Q&A, and Slide Deck

Friday, July 13, 2012

Today we published the July Security Bulletin Webcast Questions & Answers page, and the July 2012 Security Bulletin Release Webcast slide deck. We fielded 15 questions on various topics during the webcast, including bulletins and advisory details, deployment questions, and plans for later updates. We also received a question that we weren’t able to tackle in the allotted time; we’ve answered that one in the Q&A as well.

Assessing risk for the July 2012 security updates

Tuesday, July 10, 2012

Today we released nine security bulletins addressing 16 CVE’s. Three of the bulletins have a maximum severity rating of Critical and the other six have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Likely first 30 days impact Platform mitigations and key notes MS12-043(MSXML) Victim browses to a malicious webpage.