Tuesday, December 20, 2005
Hi everyone, Stephen Toulouse here. We’ve released the script to help address the SUS 1.0 issue Craig mentioned earlier to the download center. We’ve also updated the KB article that details the problem, click here to zoom straight to the section on the new script that is available. S. *This posting is provided “AS IS” with no warranties, and confers no rights.
Tuesday, December 13, 2005
Hi everyone. One tired Release Manager Craig here. Today we released 2 new bulletins, details below. But a quick note: For the SUS 1.0 Admins, you may be experiencing some problems with all your previously approved updates are now showing up as “unapproved”. This doesn’t impact the update level of your SUS clients, or the ability to deploy today’s updates with SUS 1.
Thursday, December 08, 2005
Stephen Toulouse here gang. The Advance Notification for the security bulletin release for this month has posted. This coming Tuesday, we’re planning to release two security bulletins affecting Microsoft Windows. The maximum total severity rating for this month is Critical, so please update systems as soon as possible when the bulletins are available this coming Tuesday.
Wednesday, December 07, 2005
We’ve received some questions regarding a reported cross-site scripting (XSS) issue affecting Internet Explorer. Google Desktop was used in a proof of concept to demonstrate how, in some cases, this issue could allow an attacker to obtain sensitive information. This issue may be a bit confusing because it is not really an XSS issue.
Tuesday, November 29, 2005
Hi everyone, I’ve been working on my IT Forum update recapping our trip to Barcelona. But I wanted to go ahead and let you know some breaking information. We’ve been made aware that there has been some malicious software exploiting the recently publicly disclosed Internet Explorer vulnerability. We have just updated our security advisory to reflect this new information, and wanted to let you know that you can visit Windows Live Safety Center if you think you might be infected as a result of this vulnerability.
Monday, November 21, 2005
Stephen Toulouse here. Just wanted to make everyone aware that this evening we’ve posted a security advisory regarding a publicly disclosed issue in Internet Explorer. You can read all the details here. S. *This posting is provided “AS IS” with no warranties, and confers no rights.*
Thursday, November 17, 2005
Hello readers, Mike Reavey here. There has been a fair amount of attention around the ”Sony XCP software” over the last many days. As you may know from the anti-malware blog, Windows Defender and Windows AntiSpyware Beta have included detection and removal for the rootkit component of this software. However, there are also some questions regarding the ActiveX control that was released by Sony to allow the removal of the rootkit.
Tuesday, November 15, 2005
Stephen Toulouse here. I just finished my presentation on the Microsoft Security Response Center here at IT Forum. It was a good talk and I got some great feedback on our security efforts. I also snapped some pics! Here’s here’s the room I presented in before they let people in, here’s the Microsoft booth, here’s the MSRC booth, here’s the ask the experts section, and here’s the exhibition floor just before they opened it.
Saturday, November 12, 2005
Hi everyone, Stephen Toulouse here. I’m typing these words at a speed of about 560 miles an hour currently over the northwest portion of Canada. I’m flying the night time SAS flight from Seattle to Europe for IT Forum in Barcelona and just had to blog. They have Connexion by Boeing on this flight.
Thursday, November 10, 2005
Stephen Toulouse here! Just wanted to let you know that last night we posted a detailed security advisory on the Macromedia Flash Player vulnerability. You can check it out here. Also, the SUS 1.0 problem with Tuesday’s update has been addressed and it’s online. Just to let you know, we had an unforeseen problem with a machine that handles creating those packages and we’re investigating how we can prevent such things in the future.
