Thursday, May 03, 2012
During our investigation into the disclosure of confidential data shared with our Microsoft Active Protections Program (MAPP) partners, we determined that a member of the MAPP program, Hangzhou DPTech Technologies Co., Ltd., had breached our non-disclosure agreement (NDA). Microsoft takes breaches of our NDAs very seriously and has removed this partner from the MAPP Program.
Friday, April 13, 2012
Hello, Today we published the April Security Bulletin Webcast Questions & Answers page, and the slide deck presented in the webcast. We fielded 15 questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. We invite our customers to join us for the next public webcast on Wednesday, May 9 at 11am PDT (UTC -7), when we will go into detail about the May bulletin release and answer questions live on the air.
Tuesday, April 10, 2012
Hello, As you know, today is Update Tuesday. Before I go into the bulletin details, however, I wanted to let you know that today we’re notifying customers that Windows XP and Office 2003 will go out of support in April 2014. We understand that preparing to deploy the latest versions of Windows and Office may take time for some organizations, and we encourage all customers to upgrade to the latest operating system to help protect your systems.
Thursday, April 05, 2012
Hello, Today we’re releasing our advance notification for the April security bulletin release, which is scheduled for Tuesday, April 10. This month’s release includes 6 bulletins addressing 11 vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, Forefront UAG, and .NET Framework. All 6 bulletins will be released on Tuesday, April 10 at approximately 10 a.
Tuesday, April 03, 2012
The entry window for the first annual BlueHat Prize closed at 11:59pm PDT on April 1. We’ve been eagerly awaiting a final entry count from the contest organizers, and senior security strategist Katie Moussouris has just posted that tally on the EcoStrat blog. Congratulations to all participants and good luck to the BlueHat Prize Board, which finds itself eyebrow-deep in exciting new defensive-security ideas as the competition judging process begins.
Monday, March 26, 2012
Nearly nine months after we announced the first annual BlueHat Prize competition for innovations in defensive security technologies, we’re just days away from the submission deadline. On the EcoStrat blog today, Senior Security Strategist Katie Moussouris gives a glimpse into the frantic final days of the competition period. If you’re working on your own entry (deadline April 1!
Friday, March 16, 2012
Hello, Today we published the March Security Bulletin Webcast Questions & Answers page. During the webcast, we fielded twelve questions focusing on MS12-020 (aka “the RDP update”). Two additional questions for MS12-022 regarding Microsoft Expression Design were answered after the webcast. All questions are included on the Q&A page. We invite our customers to join us for the next public webcast on Wednesday, April 11, 2012 at 11am PDT (UTC -7), when we will go into detail about the April bulletin release and answer questions live on the air.
Friday, March 16, 2012
On March 15, we became aware of public proof-of-concept code that results in denial of service for the issue addressed by MS12-020, which we released Tuesday. We continue to watch the threat landscape and we are not aware of public proof-of-concept code that results in remote code execution. We recommend customers deploy MS12-020 as soon as possible, as this security update protects against attempts to exploit CVE-2012-0002.
Tuesday, March 13, 2012
Hello. Today we’re releasing six security bulletins – one Critical-class, four Important and one Moderate – addressing seven issues in Microsoft Windows, Visual Studio, and Expression Design. We recommend that customers focus on MS12-020, our sole critical-class bulletin, as the March deployment priority. A little about MS12-020: MS12-020 (Windows) : This bulletin addresses one Critical-class issue and one Moderate-class issue in Remote Desktop Protocol (RDP).
Thursday, March 08, 2012
Hello. Today we’re releasing our advance notification for the March security bulletin release, which is scheduled for Tuesday, March 13. This month’s release includes six bulletins addressing seven vulnerabilities in Microsoft Windows, Visual Studio, and Expression Design. As always, we recommend that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible.
