Tuesday, October 09, 2007
Hi Everyone! This is Tami Gallupe, MSRC release manager, and here is a brief update on the bulletins we released today. Today, we released 6 bulletins: 4 have a maximum severity rating of Critical and 2 have a maximum severity rating of Important. The bulletins are as follows: MS07-055 addresses a vulnerability in Kodak Image Viewer, and is rated as a Critical bulletin.
Thursday, October 04, 2007
Hello, This is Christopher Budd. I wanted to let you know that we’ve just posted our Advance Notification for next week’s bulletin release on Tuesday October 9, 2007 at or around 10 a.m. Pacific Time. A reminder that the information we post is intended to help with your planning for next week, but because it is preliminary information it is subject to change.
Thursday, September 20, 2007
Hi, Andrew Cushman here. I wanted to let you know that BlueHat is back in Redmond, as BlueHat v6: The Vuln Behind The Curtain opens September 27th and 28th. Once again we have two days of great security content that covers the spectrum of issues in security. For more information please see the BlueHat Blog at http://blogs.
Thursday, September 13, 2007
Hi everyone. Ben from the MSRC here. I am the case manager that handled the Crystal Reports for Visual Studio Bulletin, MS07-052, and I wanted to let you know that today we updated our detection and deployment logic for that bulletin. First, I want to note that we’re not making any changes to the update itself given it protects against the vulnerability discussed in the bulletin.
Wednesday, September 12, 2007
Hi everyone. Jonathan from the SWI team in the MSRC here again. I’d like to give some more detail around the conditions required to exploit MS07-054, the vulnerability in MSN Messenger and Windows Live Messenger. You can read from the bulletin that MS07-054 affects MSN Messenger 6.2, 7.0, 7.5 and Windows Live Messenger 8.
Tuesday, September 11, 2007
Hello, This is Christopher Budd. I wanted to go ahead and let you know that we’ve posted our bulletins for the September 2007 monthly release. This month we’ve released: MS07-051: This bulletin addresses a vulnerability in Microsoft Agent on Windows 2000 only. This bulletin is rated “Critical”.** MS07-052: This bulletin addresses a vulnerability in Crystal Reports which shipped with some versions of Visual Studio.
Thursday, September 06, 2007
Hello, This is Christopher Budd and today is the Thursday before the scheduled September 2007 bulletin release on Tuesday Sept. 11, 2007. As we do each month, as part of our processes to help make security updates more predictable and assist with your planning, we’ve posted our Advance Notification with preliminary information about next week’s release.
Thursday, August 23, 2007
Hi everyone. Jonathan from the SWI team in the MSRC here. My team researches potential mitigations and workarounds as part of the comprehensive investigations we do for each security bulletin. We regularly discover information that could help customers better understand how to protect themselves via mitigations and workarounds. This month, I wanted to give you information about the Virtual PC and Virtual Server bulletin and some “best practices” guidance to help protect yourself from this class of vulnerability.
Monday, August 20, 2007
Hello everyone this is Christopher Budd. We’ve been getting questions from customers about a posting that Skype made today about a recent service outage they experienced on August 16, 2007. Specifically, we have questions from customers looking for clarification about the role Windows Update and this month’s release played in that situation, if any.
Tuesday, August 14, 2007
August 2007 Monthly Bulletin Release I’m Simon, Release Manager in the MSRC. The August release contains 9 new bulletins, 6 of which have maximum severities of “Critical”. MS07-042 Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227) MS07-043 Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)
