MSRC

February 2011 Security Bulletin Release

Tuesday, February 08, 2011

Hello all – Today, as part of our monthly security bulletin release, we have 12 bulletins addressing 22 vulnerabilities in Microsoft Windows, Office, Internet Explorer, and IIS (Internet Information Services). Three bulletins are rated Critical, and these are the bulletins we recommend for priority deployment: o MS11-003. This bulletin resolves three critical-level and moderate-level vulnerabilities affecting all versions of Internet Explorer.

Read More

• Exploitability Index
• IIS
• Internet Explorer (IE)
• Microsoft Office
• Microsoft Windows
• Monthly bulletin release
• Security Bulletin
• Security bulletin release
• Security Update

Advance Notification Service for the February 2011 Security Bulletin Release

Thursday, February 03, 2011

Hello all - Today, as part of our usual monthly bulletin cadence, we are providing our Advance Notification Service for February’s security bulletins. This month, we’ll release 12 bulletins, three of them rated Critical and nine rated Important, addressing issues in Microsoft Windows, Internet Explorer, Office, Visual Studio, and IIS. 22 issues will be addressed.

Read More

• Advisory
• Security Advisory

Microsoft releases Security Advisory 2501696

Friday, January 28, 2011

Hello. Today we’re releasing Security Advisory 2501696, which describes a publicly disclosed scripting vulnerability affecting all versions of Microsoft Windows. The main impact of the vulnerability is unintended information disclosure. We’re aware of published information and proof-of-concept code that attempts to exploit this vulnerability, but we haven’t seen any indications of active exploitation.

Read More

• Microsoft Windows
• Security Advisory

Q&A from the January 2011 Security Bulletin Webcast

Thursday, January 13, 2011

Hello, Today we published the January Security Bulletin Webcast Questions & Answers page. We fielded five questions on various topics during the webcast. We invite our customers to join us for the next public webcast on Wednesday, February 9th at 11am PST (-8 UTC), when we will go into detail about the February bulletin release and answer questions live on the air.

Read More

• Security
• Security Bulletin
• Security bulletin release
• Security Update
• Security Update Webcast
• Security Update Webcast Q & A

January 2011 Security Bulletin Release

Tuesday, January 11, 2011

Hello - Today as part of our monthly security bulletin release we have two bulletins addressing three vulnerabilities in Microsoft Windows and Windows Server. This first bulletin is rated Important, while the second is rated Critical. MS11-001. This bulletin resolves one reported issue rated Important and affecting Windows Vista. This security bulletin addresses a vulnerability in Windows Backup Manager.

Read More

• Monthly bulletin release
• Security Bulletin
• Security bulletin release

Advance Notification Service for the January 2011 Security Bulletin Release

Thursday, January 06, 2011

Hello everyone - It’s a new year and the Microsoft Security Response Center is ready to provide the Advance Notice for January’s security bulletins. We have two bulletins addressing three vulnerabilities in Windows. The first bulletin is Important and affects Windows Vista. The second bulletin has an aggregate of Critical and all supported versions of Windows are affected.

Read More

• ANS

Microsoft releases Security Advisory 2490606

Tuesday, January 04, 2011

Hello - Today we released Security Advisory 2490606, which addresses a publicly disclosed vulnerability affecting Microsoft Windows Graphics Rendering Engine on Vista, Server 2003, and Windows XP. We are not aware of any affected customers, nor of any active attacks targeting customers. The vulnerability does not affect Windows 7 or Windows Server 2008 R2, the newest versions of our operating system.

Read More

• Advisory

Microsoft Releases Security Advisory 2488013

Wednesday, December 22, 2010

Hello, Today we released Security Advisory 2488013 to address a public vulnerability that could affect customers using Internet Explorer 6, 7 and 8 if they visit a website hosting malicious code. Currently the impact of this vulnerability is limited and we are not aware of any affected customers or active attacks targeting customers.

Read More

• Security Advisory

Q&A from the December 2010 Security Bulletin Webcast

Friday, December 17, 2010

Hello, Today we published the December 2010 Security Bulletin Webcast Questions & Answers page. We fielded 17 questions, most concerning the Internet Explorer update and the re-releases of bulletins this month. We invite our customers to join us for the next public webcast on Wednesday, January 12 at 11am PST (-8 UTC), when we will go into detail about the December bulletin release and answer questions live on the air.

Read More

• Internet Explorer (IE)
• Monthly bulletin release
• Security
• Security Bulletin
• Security Update
• Security Update Webcast
• Security Update Webcast Q & A
• Webcast Q&A

Benefits of Office 2010 File Validation will be made available for Office 2003 and 2007

Tuesday, December 14, 2010

Hello everyone – We’re really excited to announce that Office File Validation, currently part of Office 2010, will soon be made available for Office 2003 and 2007. During development of Office 2010, the Office Team, in conjunction with members of the Microsoft Engineering Center (MSEC) organization, performed a number of actions to increase protections for file parsing code.

Read More

• Microsoft Office