Wednesday, May 16, 2007
Hello everyone, This is Mark Miller again to let you know about some additional changes we are making this month. In April, we announced changes to our blog site. This month we are announcing changes to our Advanced Notification Service (ANS) as well as some changes we are planning to make to the format of our security bulletins in June.
Wednesday, May 16, 2007
Hello everyone, this is Christopher Budd. I wanted to let people know that as part of our regular process, we’ve made an update to the Master KB article for MS07-027, 931768. Specifically, we’ve added an entry pointing to a new KB article, 937409, that discusses an issue that can occur for IE 7 customers who have changed the default locations of the “Temporary Internet Files” after they apply MS07-027.
Thursday, May 10, 2007
Hi, Andrew Cushman the new director of the MSRC here. I’m thrilled to join this kickass team. I ‘m excited by the chance to continue delivering industry leading security response and by the chance to more closely integrate my other responsibilities with the MSRC team. Over the past couple years I led Microsoft’s Security Outreach Initiative.
Tuesday, May 08, 2007
Hello everyone, This is Christopher Budd. I wanted to let you know that our bulletins for May 2007 have just posted. This includes the security update for the DNS issue discussed in Microsoft Security Advisory 935964. This month, we’re releasing three bulletins affecting Microsoft Office. These have a maximum severity of Critical for earlier versions and Important for more recent versions:
Thursday, May 03, 2007
Hello everyone, this is Christopher Budd. It’s the Thursday before May 8, 2007, the date for the May 2007 monthly security bulletin release. As we do each month on this day, we’ve posted our Advance Notification. In it, we try to provide you with information about what we’re planning to release on Tuesday to help with your planning for the release.
Friday, April 27, 2007
Hello everyone, This is Christopher Budd. We’ve not seen any new developments in the DNS situation but I wanted to go ahead and take a minute to recap the current situation so everyone is up-to-date. Also, I wanted to call out some information for your deployment planning to help expedite the deployment of the security update for this issue when we release it.
Thursday, April 26, 2007
Hi everyone this is Adrian Stone. One question that I still get regularly on the .ANI case that was part of the MS07-017 bulletin by many people outside of Microsoft is “After all the work Microsoft did leveraging the Security Development Lifecycle, why didn’t it help catch this vulnerability in Windows Vista?
Sunday, April 22, 2007
Hello everyone, This is Christopher Budd. I wanted to take a moment and provide a brief update on the situation from our work over the weekend. As of tonight, the situation remains unchanged. Our teams are continuing to work on developing and testing updates for this issue, and our ongoing monitoring of the situation shows that attacks are still not widespread.
Friday, April 20, 2007
Hi everyone. Jonathan from the SWI team here. Christopher asked me to write a guest blog entry introducing and providing some background on a new KB article that we published a few minutes ago. We have seen lots of activity in the security community about the registry key workaround we published in Security Advisory 935964.
Thursday, April 19, 2007
Hi Everyone, This is Mark Miller. For those who may not know, I’ve been the Director of Security Response Communications since October of last year. I wanted to let you all know that we have implemented a new Windows Live Alert for postings to this blog. These alerts are delivered to your email inbox, SMS and/or instant messaging and will let you know that we’ve posted something here.
