MSRC

December 2010 Security Bulletin Release

Tuesday, December 14, 2010

Hi everyone. As part of our usual cycle of monthly security updates, today Microsoft is releasing 17 bulletins addressing 40 vulnerabilities in Microsoft Windows, Office, Internet Explorer, SharePoint Server and Exchange. Two of those bulletins carry a Critical rating, while 14 are rated Important and one is rated Moderate. We’ve assigned our highest deployment priority to the two Critical bulletins, though we recommend that customers deploy all updates as soon as possible.

• Exploitability Index
• Microsoft Office
• Microsoft Windows
• Monthly bulletin release
• Security
• Security Bulletin

More about the Office File Validation backport plan

Tuesday, December 14, 2010

In November 2010, Microsoft released the first Security Bulletin (MS10-079) against an Office 2010 component, in this case Microsoft Word. Approximately 6 months had elapsed since Office 2010 launched in May and while it’s good for such a widely used product to be available for so long without any reported issues, we were naturally disappointed to release the first bulletin affecting Office 2010.

December 2010 Advance Notification Service is released

Thursday, December 09, 2010

Hi everyone. Mike Reavey from the MSRC here. Today we’re releasing our Advance Notification Service for the December 2010 security bulletin release. As we do every month, we’ve given information about the coming December release and provided links to detailed information so you can plan your deployment by product, service pack level, and severity.

• ANS
• Defense-in-depth
• Internet Explorer (IE)
• Malicious Software Removal Tool (MSRT)
• Monthly bulletin release
• Security
• Security Advisory
• Security Bulletin
• Security Update

Q&A from the November 2010 Security Bulletin Webcast

Thursday, November 11, 2010

Hello, Today we published theNovember 2010 Security Bulletin Webcast Questions & Answers page. You’ll notice it was a fairly brief webcast; all the questions we received concerned installation specifics, which we especially appreciate as a sign that customers are updating their systems quickly. We invite our customers to join us for the next public webcast on Wednesday, December 15 at 11am PST (-8 UTC), when we will go into detail about the December bulletin release and answer questions live on the air.

November 2010 Security Bulletin Release

Tuesday, November 09, 2010

Hello all. As part of our usual cycle of monthly updates, today Microsoft is releasing three security bulletins, addressing 11 vulnerabilities. One of the bulletins has a Critical severity rating, while the other two are rated Important. Recapping the trio: MS10-087 This bulletin resolves five issues affecting all currently supported Microsoft Office products.

Advance Notification Service for November 2010 Bulletins

Thursday, November 04, 2010

Hello. We’ve issued our Advance Notification Service for the November ’10 security bulletin release. This time around we’re releasing three updates addressing 11 vulnerabilities in Microsoft Office and Unified Access Gateway (UAG). One bulletin carries a Critical severity rating; the other two are rated Important. When customers buy Microsoft software, it includes high-quality security updates to be provided via predictable monthly bulletin releases, helping to protect their computing experience over time.

• ANS
• Security
• UAG

Microsoft Releases Security Advisory 2458511

Tuesday, November 02, 2010

Hi everyone, Today we released Security Advisory 2458511 to address a new vulnerability that could impact Internet Explorer users if they visit a website hosting malicious code. As of now, the impact of this vulnerability is extremely limited and we are not aware of any affected customers. The exploit code was discovered on a single website which is no longer hosting the malicious code.

• Advisory
• Internet Explorer (IE)
• Security
• Security Advisory
• Zero-Day Exploit

Q&A from the October 2010 Security Bulletin Webcast

Monday, October 18, 2010

Hello, Today we published the October 2010 Security Bulleting webcast Questions & Answers page. The October release included 16 security updates, four rated Critical, ten rated Important, and two rated Moderate to address 49 vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft Internet Explorer, and Microsoft .NET Framework. We invite our customers to join us for the next public webcast on Wednesday, November 10 @11AM PST when we will go into detail about the November bulletin release and answer questions live on the air.

• Security
• Security Bulletin
• Security Update
• Security Update Webcast Q & A
• Webcast Q&A

October 2010 Security Bulletin Release

Monday, October 11, 2010

Hello - Today, as part of our regular monthly security bulletin release process, we are releasing 16 comprehensive updates addressing 49 vulnerabilities affecting Windows, Internet Explorer (IE), Microsoft Office, and the .NET Framework. This release represents our commitment to provide predictable, high-quality updates as part of the service our customers get when they buy Microsoft products.

• Monthly bulletin release
• Security Bulletin
• Security Update Webcast

Advance Notification Service for October 2010 Security Bulletin

Wednesday, October 06, 2010

Hello - As part of our predictable monthly update process, we have released our Advance Notification Service (ANS) for the October Security Bulletins, which are scheduled for release Tuesday, October 12, 2010. ANS is a service that only Microsoft provides to assist customers in planning for the upcoming security bulletin release.

• Security Bulletin