Tuesday, May 23, 2006
Hi everyone, Stephen Toulouse here again. Just wanted to make you aware that we have reached the point in our investigation of the limited attacks trying to use the Word vulnerability that provided us with enough information to develop some stronger workarounds and mitigations. We’ve posted all that into a new security advisory:
Saturday, May 20, 2006
Hi everyone, Stephen Toulouse here again. I wanted to catch you up on where we’re at with our investigation of the Word vulnerability. First off on the vulnerability itself: I want to reiterate we’re hard at work on an update. The attack vector here is Word documents attached to an email or otherwise delivered to a user’s computer.
Friday, May 19, 2006
Hi everyone, Stephen Toulouse here. We’ve been made aware of a new vulnerability in Microsoft Word XP and Word 2003. Customers using the Word viewer to view documents are not impacted. Yesterday we recieved a report that a customer had been subjected to a very targeted attack using this vulnerability.
Tuesday, May 16, 2006
Hello, This is Christopher Budd. I wanted to take a moment and let folks know that this month’s IT Pro Security newsletter has an article that I hope will be helpful for those of you who manage security updates. It’s called Ten Principles of Microsoft Patch Management and in it I try o outline not so much the “how” of patch management but rather more of the “why” behind what we do.
Thursday, May 11, 2006
This is Craig Gehre and there are two things I wanted to let you know about. Some of you may have been getting install errors on the Flash update, MS06-020, we released on Tuesday. You would have seen these install failure errors on Windows Update, Microsoft Update, or on your system via Automatic Update.
Tuesday, May 09, 2006
Say heh? I have to be honest. I’ve been in the MSRC now for a while, seen a lot of “interesting” things happen around here and it is a bit of a trip to look at our list of bulletins we shipped today and see the words Flash, Adobe, and Macromedia in the titles.
Thursday, May 04, 2006
Good afternoon, This is Christopher Budd. I wanted to take a moment and let you know that we’ve posted our regular Monthly Advanced Notification for the upcoming bulletin release. As a reminder, this month, our regularly scheduled monthly bulletin release is slated for Tuesday, 9 May 2006 with a target time of 10 AM Pacific Time.
Tuesday, April 25, 2006
Hi everyone, Stephen Toulouse here again. The targeted re-release of MS06-015 is ready. If you are configured for Automatic Update, no need to take any actions. It will detect if you have the problem and deliver the update to you. If you have not yet installed MS06-015, the revised version will be offered to you.
Friday, April 21, 2006
Hi everyone, Stephen Toulouse here. I’ve gotten some customer questions regarding the NVIDIA drivers affected by the issue so I wanted to provide some more detail on that. In working with NVIDIA we have narrowed the issue to a subset of their Release 60 drivers, which means version-wise all driver versions 60.
Thursday, April 20, 2006
Hi everyone, Stephen Toulouse here. We’ve been continually examining the best way to assist the customers who may have been impacted by the interaction of MS06-015 with the software Mike mentioned before. We wanted to check in and let you know the current plan. Up until now there have been several solutions: Upgrade to the newest version of the affected software, a manual registry key fix, uninstall the third party software (NVIDIA Drivers versions 61.
