Skip to main content

Month Archives: October 2012

BlueHat: Something Old, Something New, All Blue

Wednesday, October 24, 2012

Handle: k8e IRL: Katie Moussouris Rank: Senior Security Strategist Lead, Head of Microsoft’s Security Community and Strategy Team Likes: Cool vulns, BlueHat, soldering irons, quantum teleportation Dislikes: Rudeness, socks-n-sandals, licorice Reflecting on my past five years at Microsoft (I know! How time flies!), I can see with fresh perspective just how far we’ve come, while staying true to our goals of helping to protect customers and the computing ecosystem.

October 2012 Security Bulletin Webcast, Q&A, and Slide Deck

Thursday, October 11, 2012

Hello, Today we published the October Security Bulletin Webcast Questions & Answers page. During the webcast, we fielded five questions focusing primarily on Security Advisory 2661254 addressing trust certificates with RSA keys less than 1024 bit key lengths. One additional question was answered after the webcast. All questions are included on the Q&A page.

Security Advisory 2749655 and timestamping

Tuesday, October 09, 2012

Today we released Security Advisory 2749655 to alert customers to a clerical error made in code-signing a number of recently released security updates. This error will cause the digital signature to expire and become invalid prematurely – not a security flaw, but an issue that will impair users’ overall security profile.

Welcome to the 1024-bit world and the October security updates

Tuesday, October 09, 2012

As previously mentioned in the Advance Notification blog on Thursday, today we’re releasing seven bulletins, one Critical-class and six Important-class bulletins. Before we discuss those releases, let’s take a closer look at the Security Advisories we also released today. Security Advisory 2661254 We began discussing this issue in June, and originally released this advisory in August.