Tuesday, January 10, 2012
Hello. As I previously mentioned in the Advance Notification Service blog post on Thursday, today we are releasing seven security bulletins, one of which is rated Critical in severity, with the remaining six classified as Important. These bulletins will address eight vulnerabilities in Microsoft products. Customers should plan to install all of these updates as soon as possible.
Thursday, January 05, 2012
Hello. Today we’re releasing our advance notification for the January security bulletin release, which is scheduled for Tuesday, January 10. This month’s release includes seven bulletins addressing eight vulnerabilities in Microsoft Windows and Microsoft Developer Tools And Software. As always, we recommend that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible.
Friday, December 30, 2011
Hello, Today we published the December 2011 Out-of-Band Security Bulletin Webcast Questions & Answers page. We fielded 41 questions on the subject of MS11-100. There were four questions during the webcast that we were unable to answer and we have included those questions and answers on the Q&A page. We invite our customers to join us for the next public webcast scheduled for Wednesday, January 11, 2012 at 11 a.
Thursday, December 29, 2011
Hello, Today we released Security Update MS11-100 to address the issue described in Security Advisory 2659883. The security update has a severity rating of Critical and resolves a publicly disclosed remote unauthenticated Denial of Service issue in ASP.NET versions 1.1 and above on all supported versions of .NET Framework. Of note, the new method of hash collision attacks used to exploit this vulnerability is an industry-wide issue affecting various Web platforms, including ASP.
Wednesday, December 28, 2011
Hello, Today we’re providing advance notification for an out-of-band security update to address the publicly disclosed issue described in Security Advisory 2659883. The release is scheduled for tomorrow, December 29, at approximately 10 a.m. PST. The bulletin has a severity rating of Critical and addresses a publicly disclosed vulnerability in ASP.
Tuesday, December 27, 2011
Hello, Today we published Security Advisory 2659883 to provide a workaround to help protect ASP.NET customers from a publicly disclosed vulnerability that affects various Web platforms industry-wide. We are not aware of any attacks using this vulnerability, which affects all supported versions of .NET Framework, however we recommend customers use the mitigation and workaround described in the Advisory to help protect sites against this new method to exploit hash tables.
Monday, December 19, 2011
Hello, Today we published the December Security Bulletin Webcast Questions & Answers page. We fielded six questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. For more details on this month’s bulletins, click here to view the slide deck used in the webcast. See below to view the webcast.
Thursday, December 15, 2011
Hosts: Jonathan Ness, Security Development Manager, MSRC Jerry Bryant, Group Manager, Trustworthy Computing Communications Website: TechNet/Security ** Chat Topic: December 2011 Security Bulletin Release ** Date: Wednesday, December 14, 2011 ** Q: Some of my users had issues with text being deleted from Word documents. Is this an issue with the Office security bulletin**?
Tuesday, December 13, 2011
Hi everyone – Mike Reavey here. Today, we’re releasing our December set of security updates. As we do every month, we’re providing a heads-up on what’s coming in this month’s release as well as offering links to more information so you can plan your deployment. However, since this is the last set of regular monthly security updates this year, I thought I’d take a minute to look back at some of the discoveries the MSRC made in the process of issuing the year’s bulletins.
Tuesday, December 13, 2011
Hello. As I previously mentioned in the Advance Notification Service blog post on Thursday, today we are releasing 13 security bulletins, three of which are rated Critical in severity, and 10 Important. These bulletins will increase protection by addressing 19 unique vulnerabilities in Microsoft products. Customers should plan to install all of these updates as soon as possible.
