Sunday, December 27, 2009
Hi everyone, On Dec. 23 we were made aware of a new claim of a vulnerability in Internet Information Services (IIS). We are still investigating this issue and are not aware of any active attacks but wanted to let customers know that our initial assessment shows that the IIS web server must be in a non-default, unsafe configuration in order to be vulnerable.
Friday, December 11, 2009
Hello again. This is Jerry Bryant letting you know that the questions and answers from the December 2009 security bulletin webcast have now been posted here. There is one question that I wanted to provide a little more information on and that references reports of KB973917 causing problems with Internet Information Services (IIS) 6.
Friday, December 11, 2009
Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Senior Security Program Manager Lead Website: TechNet/security Chat Topic: December 2009 Security Bulletins Date: Wednesday, December 9, 2009 Q: In reference to Windows Vista ** KB973565, we have machines that install this update, then reboot and uninstall the update. Is this a known problem?
Tuesday, December 08, 2009
Summary of Microsoft’s Security Bulletin Release for December 2009 As noted in our Advance Notification (ANS) last Thursday, for the December bulletin release we issued six security bulletins addressing 12 vulnerabilities. Affected products include Windows, Internet Explorer (IE) and Microsoft Office products. In the ANS, we also noted that the bulletin for IE (MS09-072) is at the top of our deployment priority list this month.
Thursday, December 03, 2009
Advance Notification for the December 2009 Security Bulletin Release For December we are planning to release six new security bulletins addressing 12 vulnerabilities in Windows, Internet Explorer (IE) and Microsoft Office products. Three of the bulletins have a maximum severity rating of Critical and three have a maximum severity rating of Important.
Tuesday, December 01, 2009
We’ve received questions about public reports that customers might be experiencing system issues with the November Security Updates (which some are referring to “Black Screen” issues). We’ve investigated these reports and found that our November Security Updates are not making changes to the system that these reports say are responsible for these issues.
Tuesday, November 24, 2009
This Thursday, many people in the United States will celebrate Thanksgiving. As you probably all know, this is traditionally seen as a time to express gratitude. Well, yesterday, we updated our “Security Researcher Acknowledgments for Microsoft Online Services” page to publicly say “thank-you” to researchers that reported issues in our online services to us for the month of October.
Monday, November 23, 2009
We just released Security Advisory 977981 concerning an issue affecting Internet Explorer 6 and Internet Explorer 7 that could lead to remote code execution. At this time, we are not aware of any active attacks seeking to use this vulnerability. Our teams are currently working to develop an update and we will take appropriate action to protect customers when the update has met the quality bar for broad distribution.
Friday, November 13, 2009
Today we released Security Advisory 977544 to provide information, including customer guidance, on a publicly reported Denial-of-Service (DoS) vulnerability affecting Server Messaging Block (SMB) Protocol. This vulnerability, in SMBv1 and SMBv2, affects Windows 7 and Windows Server 2008 R2. Windows Vista, Windows Server 2008, Windows XP, Windows Server 2003 and Windows 2000 are not affected.
Friday, November 13, 2009
Hello. This is Jerry Bryant letting you know that the questions and answers from our November Security Bulletin webcast have been posted and the video from the webcast is below. We did not get very many questions this month and the ones we did get covered various topics and were not focused in one particular area.
