Thursday, April 09, 2009
Hello, Bill here. I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release, scheduled for Tuesday, April 14, 2009 around 10 a.m. Pacific Daylight Time. This should help you plan for your deployment process for next week and address these vulnerabilities to protect your computing environments.
Thursday, April 09, 2009
We’ve seen some activity in the Conficker space in the past two days and this has caused some questions from customers. Specifically, there have been reports of two possible new variants of Conficker. Our colleagues over at the Microsoft Malware Protection Center (MMPC) have done a thorough analysis of both of these and have determined that there’s really only one new variant, which they’re calling Conficker.
Wednesday, April 08, 2009
Hello, Bill here, Today is the release of the Microsoft Security Intelligence Report volume 6. The report can be found here: http://www.microsoft.com/sir. A section in the report is devoted to out-of-band (OOB) releases. So, I thought I would blog a bit about these types of releases in the broader context of update management.
Thursday, April 02, 2009
Bill here, I wanted to let you know that we have just posted Microsoft Security Advisory (969136). This advisory contains information regarding public reports of a vulnerability in Microsoft Office PowerPoint that could allow for remote code execution if a user opens a specially crafted PowerPoint file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability.
Wednesday, April 01, 2009
We’ve gotten a number of questions from customers asking us if we’ve seen any new activity from the Conficker worm now that it’s April 1, 2009. We and our partners in the Conficker Working Group have been watching closely and we’ve not seen any new malicious activity from Conficker. We haven’t seen any actions outside of what we expected.
Friday, March 27, 2009
We’ve received a lot of questions from customers about April 1, 2009 and the latest Conficker variant discovered earlier this month, Worm:Win32/Conficker.D (also known as Conficker.C or Downadup.C by some other companies). I wanted to let you know that we’ve put some new information up about Conficker.D today from our work with our partners in the Conficker Working Group.
Monday, March 16, 2009
Hosts: Adrian Stone, Senior Security Program Manager Lead Steve Adegbite, Senior Security Program Manager Lead Website: TechNet/security Chat Topic: March 2009 Security Bulletin Date: Wednesday, March 11, 2009 Q: The Bulletin Summary received yesterday indicated all MS09-008 vulnerabilities were set to Exploitability Level 2. When did this change and why?
Monday, March 16, 2009
Hi, During this month’s webcast we were able to address 18 questions in the time allotted. Most of the questions centered on the MS09-008, the DNS and WINS Server bulletin. We did address some additional questions regarding MS09-006, the Windows kernel bulletin, and the Malicious Software Removal Tool (MSRT). Here is the link to the full Q&A so you can see all of the answers that were provided for these great questions:
Friday, March 13, 2009
Hi Bill here, You may have seen reports regarding the effectiveness of Microsoft Security Bulletin MS09-008. I wanted to let everyone know that we have thoroughly reviewed these reports, and customers who’ve deployed this update are protected from the four vulnerabilities outlined in the bulletin. We’ve also been collaborating with several researchers regarding the effectiveness of this update, as it is a complex issue, and have released more details about these vulnerabilities and how the Security Update addresses them.
Thursday, March 12, 2009
Hey everyone, Jerry Bryant here. I am back with the videos from yesterday’s security bulletin webcast. We got great responses to the overview video we posted on Tuesday. To compliment that, the videos below go in to more detail on each bulletin and the exploitability index. As always, please plan to attend our monthly security bulletin webcast live if you can as we staff those with subject matter experts to answer the questions you have about the bulletins we released.
