msrc | Microsoft Security Response Center

MSRC Blog: Security Advisory 945713

Monday, December 03, 2007

Hello. My name is Tim Rains and I work on the Security Response Communications Team at Microsoft. My team works to provide communications around security response to our customers through the MSRC Blog and other types of communications vehicles. I want to let you know that we have just posted Microsoft Security Advisory 945713, which provides information about a vulnerability in the way Microsoft Windows XP SP2, Windows Server 2003 SP1, Windows Server 2003 SP2 and Windows Vista find a Web Proxy Automatic Discovery (WPAD) server.

November 2007 Monthly Release

Tuesday, November 13, 2007

Hi, this is Simon, Release Manager in the MSRC. I’d like to introduce you to our November security release. Today we are releasing two new bulletins: · [**MS07-061**](http://www.microsoft.com/technet/security/Bulletin/MS07-061.mspx): This update addresses a vulnerability in Windows URI handling, which could allow remote code execution and has a maximum severity of Critical. ** · [**MS07-062**](http://www.

November 2007 Advance Notification

Thursday, November 08, 2007

Hello, I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, November 13th, 2007 at or around 10 a.m. Pacific Time. It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.

MSRC Blog: Security Advisory (944653)

Monday, November 05, 2007

Today, in cooperation with Macrovision, we issued an Advisory related to a vulnerability in the Macrovision SECDRV.SYS Driver that is included with Windows XP and Windows 2003. Equally important, Macrovision also released an Advisory for this issue, which includes a security update. We recommend that customers review the Macrovision advisory before applying it.

MSRC Blog: October 25th Update To Security Advisory 943521

Thursday, October 25, 2007

Hi everyone, Bill Sisk here. This week we became aware of publicly disclosed exploit code being used in limited attacks on customers. This change in the threat landscape has prompted us to update last week’s Security Advisory 943521 and triggered our Software Security Incident Response Plan (SSIRP). Third party applications are currently being used as the vector for attack and customers who have applied the security updates available from these vendors are currently protected.

MSRC Blog: Additional Details and Background on Security Advisory 943521

Wednesday, October 10, 2007

Hi everyone. This is Jonathan from the SWI team in the MSRC. We’ve just released Security Advisory 943521 regarding a vulnerability affecting Windows Server 2003 and Windows XP with Internet Explorer 7 installed. As you have probably noted there’s been a fair amount of discussion on this issue. One of the reasons we are releasing this Advisory is due to increased risk given recent discussions about how this vulnerability could be used in attacks.

MSRC Blog: Security Advisory 943521

Wednesday, October 10, 2007

Since this is my first post, I suppose a quick introduction is in order. I’m Bill Sisk, a member of the Security Response Communications Team. My team works to provide communications around security response issues to our customer through MSRC Blogs and other outreach vehicles. As part of that I wanted to let people know that we just posted Microsoft Security Advisory 943521, which gives additional information about a vulnerability in the way Microsoft Windows XP SP2 and Windows 2003 SP1 and SP2 handle URI’s when only Internet Explorer 7 installed.

October 2007 Monthly Release

Tuesday, October 09, 2007

Hi Everyone! This is Tami Gallupe, MSRC release manager, and here is a brief update on the bulletins we released today. Today, we released 6 bulletins: 4 have a maximum severity rating of Critical and 2 have a maximum severity rating of Important. The bulletins are as follows: MS07-055 addresses a vulnerability in Kodak Image Viewer, and is rated as a Critical bulletin.

October 2007 Advance Notification

Thursday, October 04, 2007

Hello, This is Christopher Budd. I wanted to let you know that we’ve just posted our Advance Notification for next week’s bulletin release on Tuesday October 9, 2007 at or around 10 a.m. Pacific Time. A reminder that the information we post is intended to help with your planning for next week, but because it is preliminary information it is subject to change.

Announcing BlueHat v6

Thursday, September 20, 2007

Hi, Andrew Cushman here. I wanted to let you know that BlueHat is back in Redmond, as BlueHat v6: The Vuln Behind The Curtain opens September 27th and 28th. Once again we have two days of great security content that covers the spectrum of issues in security. For more information please see the BlueHat Blog at http://blogs.