Tuesday, February 13, 2007
Hi Everyone! This is Tami Gallupe. I’m one of the new release managers here with the MSRC. I and my colleague Simon are taking over the release mantle from Craig Gehre here, so you’ll be hearing from us now with information about our releases. For my first post, I wanted to go ahead and let you know about February’s bulletin release.
Thursday, February 08, 2007
Hello, This is Christopher Budd and it’s the Thursday before the Second Tuesday for February 2007. As we do each month at this time, we’ve posted our Advance Notification for the upcoming security bulletin release. I did want to note that this month, the Thursday before the Second Tuesday is actually the second Thursday of the month.
Friday, February 02, 2007
Hey everyone this is Alexandra Huft, I wanted to let people know about a new issue that we’ve activated our Software Security Incident Response Process (SSIRP) for: we have some information we can share from the investigation so far and I wanted to share it with you. We just posted Microsoft Security Advisory (932553).
Wednesday, January 31, 2007
Hey everyone this is Adrian and I am writing to try and clear up some concerns regarding a recently reported vulnerability in the Speech Recognition feature of Windows Vista. An issue has been identified publicly where an attacker could use the speech recognition capability of Windows Vista to cause the system to take undesired actions.
Friday, January 26, 2007
Hey everyone this is Alexandra Huft, I wanted to let people know that we just posted Microsoft Security Advisory (932114). This involves an issue that only affects Microsoft Word 2000. We’ve activated our Software Security Incident Response Process (SSIRP) and have some information we can share from the investigation so far.
Thursday, January 18, 2007
Hello, this is Christopher Budd. Very quickly, I wanted to let you know that we’ve just re-released MS07-002 for Excel 2000 only. The original version released on January 9, 2007 did fully protect against the security issues discussed in the bulletin. However, after release we discovered that the security update did not correctly process the phonetic information that is embedded in files that are created by using Excel in the Korean, Chinese, or Japanese executable mode.
Wednesday, January 10, 2007
Hello, This is Christopher Budd. We’ve gotten some questions from SUS 1.0 customers about yesterday’s release that I wanted to take a moment and address. Due to The last minute changes in the release that we updated you on last Friday, there is a delay in the updates for SUS 1.
Tuesday, January 09, 2007
Hello, this is Christopher Budd I wanted to let you know that as part of our standard monthly bulletin release process we’ve released our security bulletins for January 2007. · Microsoft Office (MS07-001) · maximum severity rating of Important** · vulnerabilities could allow an attacker to run code in the context of the logged on user.
Thursday, January 04, 2007
Hello, Happy New Year everyone. This is Christopher Budd and it’s the Thursday before the Second Tuesday of January 2007. As we do each month at this time, we’ve posted our Advance Notification for the upcoming security bulletin release. Next Tuesday, on January 9, 2007 at approximately 10:00 am PT we are slated to release:
Thursday, December 21, 2006
Hi everyone, As usual the holiday season is a busy time for everyone including those of us here in the MSRC. I hope that everyone has finished their holiday shopping so they can enjoy the long weekend. This is Mike Reavey by the way in case anyone was wondering. Aside from discussing the holidays, the reason I am dropping in on the blog is that right now we are closely monitoring developments related to a public posting of proof of concept code targeting an issue with the Client Server Run-Time Subsystem.
