msrc | Microsoft Security Response Center

Simon says “IANAD”

Thursday, September 15, 2005

It’s been 10 years since I did any hands-on dev work. However working in the security space at Microsoft, “SDL” or the Security Development Lifecycle is very visible and obviously important to even those not directly involved in development. We had the opportunity here in LA to share with customers how Microsoft took BillG’s edict that security should be our top priority, and over the past couple of years re-engineer our entire development process to implement this vision at every level - from design through to post-release maintenance.

PDC from Alexandra's eyes

Wednesday, September 14, 2005

Hi all- my name is Alexandra Huft, I am a Security Program Manager within the Microsoft Security Response Center, and I’m new to the blog. This being my first PDC I’ve attended,it has been amazing. It looks like a small swarm with all of dev’s that are attending this year. Last night we had the Microsoft reception which was seemed very much welcomed.

September's security update release cycle

Tuesday, September 13, 2005

Well it’s Tuesday, and it been another busy day. That might be surprising since we didn’t release any new security updates, but there’s always a lot going on in the MSRC. While the decision to not ship the security update was a difficult one, it was encouraging to see that several customers, security researchers and even the press felt it was the right decision.

The MSRC live from PDC 2005

Tuesday, September 13, 2005

Craig Gehre here reporting from the Professional Developer’s Conference in L.A. and I have to say that PDC is really coo this year! If you like to code or anything related to developing with, or for, the latest technologies this is the place for you. I hit Bill Gates’ keynote for a bit and then headed over to our MSRC booth to get situated.

REVISED: September Advance Notification

Friday, September 09, 2005

Hey folks, Mike Reavey again. So, we’ve had a little change in plans for next week and wanted to make you all aware of it. This afternoon we revised the information in the Advance Notification to reflect a change for next week’s release. Microsoft will not be issuing any new security updates on September 13th as part of the September monthly bulletin release cycle.

September Advance Notification

Thursday, September 08, 2005

Hey folks, Mike Reavey here again – and while its been a pretty busy morning (the way I like it) I did want to take a quick second to make sure everyone saw the Advance Notification for the Security Bulletin release this September. This coming Tuesday, we’re planning to release one security bulletin, and its in Windows.

Some thoughts on a quiet Wednesday

Wednesday, September 07, 2005

This is Mike Reavey here. It’s been a little bit quieter around the MSRC for the last week, but I thought I’d take a second now to point out a few things that you might not know exist. First off, I need to give a big shout out to the fact that the individuals responsible for creating and releasing Zotob have been arrested.

New Security Advisory on Windows Firewall Exception

Friday, September 02, 2005

Hi Folks, – you may have noticed that we posted an advisory earlier this week: http://www.microsoft.com/technet/security/advisory/897663.mspx. This advisory discusses how a malformed registry key entry could allow an exception to be entered into the firewall, but this exception wouldn’t be visible in the standard firewall graphical user interfaces. In response to customer feedback and to clear up any confusion, we wanted to be explicit that in order for this type of action to happen a system would already have to be compromised and malicious code be running as an administrator.

The View from the Situation Room

Wednesday, August 17, 2005

Hi everyone, Mike Reavey here. I wanted to take a moment and blog live from our MSRC Situation Room. (those of you watching CNN this morning got a glimpse of it!) The Situation Room is a dedicated room inside the Microsoft campus. When there is a problem or an attack impacting customers, we bring all of the right people into that room to work on the problem.

Guidance pages and information on Worm:Win32/Zotob.A

Sunday, August 14, 2005

Ok, earlier this morning we activated our Software Security Incident Reponse Process to respond to a malicious attack known as Worm:Win32/Zotob.A. Our investigation has determined that only a small number of customers have been affected and we’re working directly with them. We have seen no indication of widespread impact to the Internet, but we have posted a guidance page as well as an encyclopedia entry on this attack.