msrc

Security Bulletin Webcast Questions and Answers - April 2009

Monday, April 20, 2009

Hi, During this month’s webcast we were able to address 15 questions in the time allotted, but have included the additional questions asked in this QA post. Most of the questions centered on the MS09-013: the Windows HTTP bulletin, MS09-014: Internet Explorer Bulletin, and MS08-015, the Blended Threat bulletin. We did address additional questions regarding the other bulletins, as well as, questions concerning Product Support Lifecycle.

• Security Update Webcast Q & A

April 2009 Security Bulletin Webcast Video

Thursday, April 16, 2009

Hello again, This is Jerry Bryant letting you know that we have published the security bulletin webcast video. As you know, on Tuesday, we published a quick overview of the 8 bulletins we released on that day. Yesterday we conducted a live, public webcast, where we went in to more detail on each bulletin.

• Video

April 2009 Monthly Bulletin Release

Tuesday, April 14, 2009

April is here and is turning out to be a typical, busy month, if one can call it that. In general, when we have a large release, the number of updates ranges from 7-12. With this in mind, we released eight security updates this month: 5 rated as Critical, 2 rated as Important, and one rated as Moderate.

Security Bulletin Overview Video – April 2009

Tuesday, April 14, 2009

Hi Everyone, Jerry Bryant again. Here is the overview video for the April 2009 bulletins. Please join us tomorrow at 11:00 am PDT (UTC –7) for our bulletin webcast where we will cover this months updates in more detail and try to answer all of your bulletin related questions. More viewing options: - Windows Media Video (WMV) - Windows Media Audio (WMA) - Large Preview Image (PNG) - Small Preview Image (PNG) - iPod Video (MP4) - MP3 Audio - Streaming WMV (512kbps) - High Quality WMV (2.

• Video

Token Kidnapping

Tuesday, April 14, 2009

Hello everyone, As you can see from the April 2009 release summary, we addressed the Token Kidnapping issue with bulletin MS09-012. This issue allowed an attacker to gain full control of a server if the attacker can first run malicious code on the server as a lesser privileged user. This issue was originally presented by Cesar Cerrudo in March of 2008 at Hack in the Box (Dubai) 2008.

April 2009 Advanced Notification

Thursday, April 09, 2009

Hello, Bill here. I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release, scheduled for Tuesday, April 14, 2009 around 10 a.m. Pacific Daylight Time. This should help you plan for your deployment process for next week and address these vulnerabilities to protect your computing environments.

Conficker.E

Thursday, April 09, 2009

We’ve seen some activity in the Conficker space in the past two days and this has caused some questions from customers. Specifically, there have been reports of two possible new variants of Conficker. Our colleagues over at the Microsoft Malware Protection Center (MMPC) have done a thorough analysis of both of these and have determined that there’s really only one new variant, which they’re calling Conficker.

Microsoft Security Intelligence Report volume 6

Wednesday, April 08, 2009

Hello, Bill here, Today is the release of the Microsoft Security Intelligence Report volume 6. The report can be found here: http://www.microsoft.com/sir. A section in the report is devoted to out-of-band (OOB) releases. So, I thought I would blog a bit about these types of releases in the broader context of update management.

Microsoft Security Advisory 969136

Thursday, April 02, 2009

Bill here, I wanted to let you know that we have just posted Microsoft Security Advisory (969136). This advisory contains information regarding public reports of a vulnerability in Microsoft Office PowerPoint that could allow for remote code execution if a user opens a specially crafted PowerPoint file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability.

April 1, 2009 and Conficker

Wednesday, April 01, 2009

We’ve gotten a number of questions from customers asking us if we’ve seen any new activity from the Conficker worm now that it’s April 1, 2009. We and our partners in the Conficker Working Group have been watching closely and we’ve not seen any new malicious activity from Conficker. We haven’t seen any actions outside of what we expected.