Friday, July 25, 2008
Hi. Bill here. Today we released Microsoft Security Advisory (956187) to warn you of public exploit code available for Microsoft Security Bulletin MS08-037 (Vulnerabilities in DNS Could Allow Spoofing (953230). We have investigated the public exploit code and have determined that customers who have installed Microsoft Security Bulletin MS08-037 are not affected.
Thursday, July 10, 2008
Hello, This is Christopher Budd. I wanted to take a moment and let you know about a revision that we’ve made to MS08-037 today. After the release of MS08-037, we became aware of reports of ZoneAlarm customers experiencing issues after applying the security updates. We started investigating these reports as soon as we heard about them and have been working to research this issue.
Thursday, July 10, 2008
Hi. Bill here. I want to let you know that customers running Windows Server Update Services 3.0 Service Pack 1 on Windows Server 2008 may experience an issue installing the update provided in Microsoft Knowledge Base Article 954960. The update does not correctly elevate privileges, which are required for the installation to complete.
Wednesday, July 09, 2008
Hi. Bill here. I want to let you know that we updated Microsoft Security Advisory 954960, which contains information regarding deployment issues with Microsoft Windows Server Update Services (WSUS) version 3.0 and 3.0 Service Pack 1. Under specific conditions, the issue does not let clients detect any updates from a WSUS server on systems with Microsoft Office 2003 installed.
Tuesday, July 08, 2008
Hello, Bill here, I wanted to let you know that we have just posted Microsoft Security Advisory (953635). This advisory contains information regarding a new public report of a possible vulnerability within Microsoft Office Word which could allow for remote code execution. Our investigation thus far has shown that this vulnerability affects Microsoft Office Word 2002 Service Pack 3 only.
Tuesday, July 08, 2008
Hi, Simon here again – I just wanted to follow up on the SQL update detection issue I mentioned below. We’ve released updated WU/MU detection and an updated WSUS catalog to resolve this issue. Cheers, Simon Release Manager, MSRC July 2008 Monthly Bulletin Release I’m Simon, Release Manager in the MSRC.
Monday, July 07, 2008
Hi. Bill here. I want to let you know that we have just posted Microsoft Security Advisory 955179, which contains information regarding active, targeted attacks using a vulnerability in the Snapshot Viewer ActiveX control for Microsoft Access. The Snapshot Viewer enables you to view a report snapshot without having the standard or run-time versions of Microsoft Office Access.
Thursday, July 03, 2008
Hello, Bill here. I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, July 8, 2008 around 10 a.m. Pacific Standard Time. It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.
Monday, June 30, 2008
Hi. Bill here. I want to let you know that we have just posted Microsoft Security Advisory 954960, which contains information regarding deployment Issues with Microsoft Windows Server Update Services (WSUS) version 3.0 and 3.0 Service Pack 1. Under specific conditions, the issue does not let clients detect any updates from a WSUS server on systems with Microsoft Office 2003 installed.
Thursday, June 26, 2008
Hi, Andrew here, Often, when you see me blogging, I’m talking about the important work we do with the researcher community. However, in addition to work with researchers, we’re always looking for ways to foster work with others in the industry and share best practices. As I sit here today at the annual FIRST Conference and think about the future of security response, I’m excited to tell you about ICASI (Industry Consortium for the Advancement of Security on the Internet), a new non-profit organization that will enhance global IT security by proactively driving excellence and innovation in security response.
