Skip to main content
MSRC

MSRC

Q&A from the January 2011 Security Bulletin Webcast

Thursday, January 13, 2011

Hello, Today we published the January Security Bulletin Webcast Questions & Answers page. We fielded five questions on various topics during the webcast. We invite our customers to join us for the next public webcast on Wednesday, February 9th at 11am PST (-8 UTC), when we will go into detail about the February bulletin release and answer questions live on the air.

January 2011 Security Bulletin Release

Tuesday, January 11, 2011

Hello - Today as part of our monthly security bulletin release we have two bulletins addressing three vulnerabilities in Microsoft Windows and Windows Server. This first bulletin is rated Important, while the second is rated Critical. MS11-001. This bulletin resolves one reported issue rated Important and affecting Windows Vista. This security bulletin addresses a vulnerability in Windows Backup Manager.

Advance Notification Service for the January 2011 Security Bulletin Release

Thursday, January 06, 2011

Hello everyone - It’s a new year and the Microsoft Security Response Center is ready to provide the Advance Notice for January’s security bulletins. We have two bulletins addressing three vulnerabilities in Windows. The first bulletin is Important and affects Windows Vista. The second bulletin has an aggregate of Critical and all supported versions of Windows are affected.

Microsoft releases Security Advisory 2490606

Tuesday, January 04, 2011

Hello - Today we released Security Advisory 2490606, which addresses a publicly disclosed vulnerability affecting Microsoft Windows Graphics Rendering Engine on Vista, Server 2003, and Windows XP. We are not aware of any affected customers, nor of any active attacks targeting customers. The vulnerability does not affect Windows 7 or Windows Server 2008 R2, the newest versions of our operating system.

Microsoft Releases Security Advisory 2488013

Wednesday, December 22, 2010

Hello, Today we released Security Advisory 2488013 to address a public vulnerability that could affect customers using Internet Explorer 6, 7 and 8 if they visit a website hosting malicious code. Currently the impact of this vulnerability is limited and we are not aware of any affected customers or active attacks targeting customers.

Q&A from the December 2010 Security Bulletin Webcast

Friday, December 17, 2010

Hello, Today we published the December 2010 Security Bulletin Webcast Questions & Answers page. We fielded 17 questions, most concerning the Internet Explorer update and the re-releases of bulletins this month. We invite our customers to join us for the next public webcast on Wednesday, January 12 at 11am PST (-8 UTC), when we will go into detail about the December bulletin release and answer questions live on the air.

Benefits of Office 2010 File Validation will be made available for Office 2003 and 2007

Tuesday, December 14, 2010

Hello everyone – We’re really excited to announce that Office File Validation, currently part of Office 2010, will soon be made available for Office 2003 and 2007. During development of Office 2010, the Office Team, in conjunction with members of the Microsoft Engineering Center (MSEC) organization, performed a number of actions to increase protections for file parsing code.

December 2010 Security Bulletin Release

Tuesday, December 14, 2010

Hi everyone. As part of our usual cycle of monthly security updates, today Microsoft is releasing 17 bulletins addressing 40 vulnerabilities in Microsoft Windows, Office, Internet Explorer, SharePoint Server and Exchange. Two of those bulletins carry a Critical rating, while 14 are rated Important and one is rated Moderate. We’ve assigned our highest deployment priority to the two Critical bulletins, though we recommend that customers deploy all updates as soon as possible.

More about the Office File Validation backport plan

Tuesday, December 14, 2010

In November 2010, Microsoft released the first Security Bulletin (MS10-079) against an Office 2010 component, in this case Microsoft Word. Approximately 6 months had elapsed since Office 2010 launched in May and while it’s good for such a widely used product to be available for so long without any reported issues, we were naturally disappointed to release the first bulletin affecting Office 2010.

December 2010 Advance Notification Service is released

Thursday, December 09, 2010

Hi everyone. Mike Reavey from the MSRC here. Today we’re releasing our Advance Notification Service for the December 2010 security bulletin release. As we do every month, we’ve given information about the coming December release and provided links to detailed information so you can plan your deployment by product, service pack level, and severity.