Skip to main content
MSRC

MSRC

Reports of Issues with November Security Updates

Tuesday, December 01, 2009

We’ve received questions about public reports that customers might be experiencing system issues with the November Security Updates (which some are referring to “Black Screen” issues). We’ve investigated these reports and found that our November Security Updates are not making changes to the system that these reports say are responsible for these issues.

Security Researcher Acknowledgements for Microsoft Online Services

Tuesday, November 24, 2009

This Thursday, many people in the United States will celebrate Thanksgiving. As you probably all know, this is traditionally seen as a time to express gratitude. Well, yesterday, we updated our “Security Researcher Acknowledgments for Microsoft Online Services” page to publicly say “thank-you” to researchers that reported issues in our online services to us for the month of October.

Microsoft Security Advisory 977981 Released

Monday, November 23, 2009

We just released Security Advisory 977981 concerning an issue affecting Internet Explorer 6 and Internet Explorer 7 that could lead to remote code execution. At this time, we are not aware of any active attacks seeking to use this vulnerability. Our teams are currently working to develop an update and we will take appropriate action to protect customers when the update has met the quality bar for broad distribution.

Microsoft Security Advisory 977544 Released

Friday, November 13, 2009

Today we released Security Advisory 977544 to provide information, including customer guidance, on a publicly reported Denial-of-Service (DoS) vulnerability affecting Server Messaging Block (SMB) Protocol. This vulnerability, in SMBv1 and SMBv2, affects Windows 7 and Windows Server 2008 R2. Windows Vista, Windows Server 2008, Windows XP, Windows Server 2003 and Windows 2000 are not affected.

November 2009 Security Bulletin Webcast

Friday, November 13, 2009

Hello. This is Jerry Bryant letting you know that the questions and answers from our November Security Bulletin webcast have been posted and the video from the webcast is below. We did not get very many questions this month and the ones we did get covered various topics and were not focused in one particular area.

Monthly Security Bulletin Webcast Q&A - November 2009

Thursday, November 12, 2009

Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Senior Security Program Manager Lead Website: TechNet/security Chat Topic: November 2009 Security Bulletin Date: Wednesday, November 11, 2009** Q: It looks like MS09-063 is only vulnerable to attacks via the local subnet, so is a Vista computer connected via Wi-Fi with the network configured as public, vulnerable?

November 2009 Security Bulletin Release

Tuesday, November 10, 2009

Summary of Microsoft’s Security Bulletin Release for November 2009 Today, we released six security bulletins addressing a total of 15 vulnerabilities. Four affect Windows and Windows Server and two affect Microsoft Office products (Excel and Word). As we do every month, we have prepared our Risk & Impact and our Deployment Priority guidance to help customers assess risk to their environments and prioritize the deployment of this month’s updates.

November 2009 Bulletin Release Advance Notification

Thursday, November 05, 2009

Advance Notification for the November 2009 Security Bulletin Release To help customers plan and prioritize for this month’s security updates, we wanted to let you know that we will be releasing 6 bulletins (three critical and three important) addressing 15 vulnerabilities, affecting Windows and Microsoft Office products. Customers should plan a restart for the Windows bulletins.

Update released for MS09-054

Monday, November 02, 2009

Today we released an update 976749 that addresses two issues with MS09-054 that a limited number customers reported to us through our Customer Service and Support (CSS) group. These two issues can affect the proper display of web pages. For additional details, please refer to Microsoft Knowledge Base article 976749.

October 2009 Security Bulletin Webcast Questions and Answers

Tuesday, October 20, 2009

Hi everyone. We have posted the questions and answers from the security bulletin webcast we conducted on October 14 at this link. It was clear from all of the questions concerning MS09-062 (the GDI+ update) that there is some confusion on how to apply the update when you have a combination of SQL Server and Windows 2000 clients.