Tuesday, April 03, 2007
Hey Folks – this is Mike Reavey. We’re all glad that MS07-017 – the Security Bulletin that fixes the vulnerability in Animated Cursor Handling (CVE-2007-1215) – has been released, helping to block attacks on that vulnerability. While we released it within 5 days of being notified of attacks, we have received questions from customers about why it took us 3 months to develop and release the fix for this vulnerability.
Tuesday, April 03, 2007
Hello everyone, This is Christopher Budd. I wanted to follow up on my posting from Sunday night to let you know that we’ve released the security update, MS07-017, that addresses the vulnerability in Windows Animated Cursor Handling. As I noted on Sunday night, we originally planned to release the update on Tuesday, April 10, 2007 as part of our regular monthly release of security bulletins.
Sunday, April 01, 2007
Hello everyone, this is Christopher Budd. We have some new information tonight on the status of the security update that we’re working on that addresses the vulnerability in Windows Animated Cursor Handling. From our ongoing monitoring of the situation, we can say that over this weekend attacks against this vulnerability have increased somewhat.
Saturday, March 31, 2007
Hello everyone, this is Christopher Budd. As I noted yesterday, we have teams doing ongoing investigation and research around the technical issues for the vulnerability in Windows Animated Cursor Handling. Today, we’ve made an update to the advisory with additional information from that ongoing work. We’ve added information regarding Windows 2003 Service Pack 2 in the “Related Software” section to note that these versions are affected by the issue as well.
Friday, March 30, 2007
Hello everyone, This is Christopher Budd. We’ve gotten some questions from customers around the security advisory that we released yesterday, Microsoft Security Advisory (935423). Specifically, we’ve been getting questions about: · When we learned about the vulnerability · When we learned about the attack · What we’re doing to help protect customers
Thursday, March 29, 2007
Hey everyone this is Adrian Stone, I wanted to let people know that we have just posted Microsoft Security Advisory (935423). This advisory addresses new public reports of very limited attacks against a newly reported vulnerability in Microsoft Windows Animated cursor handling. We’ve activated our Software Security Incident Response Process (SSIRP) and there are few items worth noting:
Tuesday, March 13, 2007
Hello, this is Christopher Budd, Since it’s the second Tuesday for March, I wanted to go ahead and make a short posting to confirm what we announced last Thursday: we are not releasing any security updates today. We are releasing an update to the Malicious Software Removal Tool today: this month’s update removes Win32/Alureon and you can download the tool at www.
Thursday, March 08, 2007
Hello, This is Christopher Budd and it’s the Thursday before the Second Tuesday for March 2007. As we do each month at this time, we’ve posted our Advance Notification for the upcoming security bulletin release. For the month of March 2007, we will not be releasing any new security updates on March 13, 2007.
Wednesday, February 14, 2007
Hey everyone this is Alexandra Huft, Very briefly, I wanted to let you know that we’ve posted a new advisory on a new Word issue. We’ve posted Microsoft Security Advisory (933052) that details a vulnerability that affects Word 2000 and Word 2002. We’ve activated our Software Security Incident Response Process (SSIRP) and we are aware of We are aware of very limited, targeted attacks attempting to exploit this.
Tuesday, February 13, 2007
Hi Everyone! This is Tami Gallupe. I’m one of the new release managers here with the MSRC. I and my colleague Simon are taking over the release mantle from Craig Gehre here, so you’ll be hearing from us now with information about our releases. For my first post, I wanted to go ahead and let you know about February’s bulletin release.
