Thursday, May 10, 2007
Hi, Andrew Cushman the new director of the MSRC here. I’m thrilled to join this kickass team. I ‘m excited by the chance to continue delivering industry leading security response and by the chance to more closely integrate my other responsibilities with the MSRC team. Over the past couple years I led Microsoft’s Security Outreach Initiative.
Tuesday, May 08, 2007
Hello everyone, This is Christopher Budd. I wanted to let you know that our bulletins for May 2007 have just posted. This includes the security update for the DNS issue discussed in Microsoft Security Advisory 935964. This month, we’re releasing three bulletins affecting Microsoft Office. These have a maximum severity of Critical for earlier versions and Important for more recent versions:
Thursday, May 03, 2007
Hello everyone, this is Christopher Budd. It’s the Thursday before May 8, 2007, the date for the May 2007 monthly security bulletin release. As we do each month on this day, we’ve posted our Advance Notification. In it, we try to provide you with information about what we’re planning to release on Tuesday to help with your planning for the release.
Friday, April 27, 2007
Hello everyone, This is Christopher Budd. We’ve not seen any new developments in the DNS situation but I wanted to go ahead and take a minute to recap the current situation so everyone is up-to-date. Also, I wanted to call out some information for your deployment planning to help expedite the deployment of the security update for this issue when we release it.
Thursday, April 26, 2007
Hi everyone this is Adrian Stone. One question that I still get regularly on the .ANI case that was part of the MS07-017 bulletin by many people outside of Microsoft is “After all the work Microsoft did leveraging the Security Development Lifecycle, why didn’t it help catch this vulnerability in Windows Vista?
Sunday, April 22, 2007
Hello everyone, This is Christopher Budd. I wanted to take a moment and provide a brief update on the situation from our work over the weekend. As of tonight, the situation remains unchanged. Our teams are continuing to work on developing and testing updates for this issue, and our ongoing monitoring of the situation shows that attacks are still not widespread.
Friday, April 20, 2007
Hi everyone. Jonathan from the SWI team here. Christopher asked me to write a guest blog entry introducing and providing some background on a new KB article that we published a few minutes ago. We have seen lots of activity in the security community about the registry key workaround we published in Security Advisory 935964.
Thursday, April 19, 2007
Hi Everyone, This is Mark Miller. For those who may not know, I’ve been the Director of Security Response Communications since October of last year. I wanted to let you all know that we have implemented a new Windows Live Alert for postings to this blog. These alerts are delivered to your email inbox, SMS and/or instant messaging and will let you know that we’ve posted something here.
Thursday, April 19, 2007
Hello everyone, This is Christopher Budd. I wanted to let you know that we’ve made a revision to our security advisory to provide some additional details and clarifications. First, though, I wanted to let you know that the situation has not changed. Our teams are continuing to work on developing and testing updates for this issue, and our ongoing monitoring of the situation shows that attacks are still not widespread.
Wednesday, April 18, 2007
Hello, This is Christopher Budd. I wanted to let you know about two updates we’ve made as part of our regular process to Knowledge Base article 925902. These discuss new known issues a small number of customers have encountered with MS07-017. First, we’ve added BMC PATROL 7.1 (now called Performance Manager, by BMC Software, Inc) to the list of applications affected by the issue discussed in Knowledge Base article 935448.
