Sunday, June 11, 2006
Hello, this is Christopher Budd. I’m here this evening at TechEd 2006. This year, TechEd is in Boston, Massachusetts at the Boston Convention Center. (If you want to see where we are using the new Windows Live Local, you can see a view of it here). I’m sure you know from our RSA postings that we love the chance to get out and meet and talk with customers.
Friday, June 09, 2006
Hi everyone, Stephen Toulouse here. As you probably know, all throughout the year we attend various security researcher conferences all over the world. One of the biggest and the best is the Black Hat security conference in Las Vegas. And of course the MSRC, as well as a number of other Microsoft teams, will be down there this August.
Thursday, June 08, 2006
This is Christopher Budd. I wanted to take a moment from my preparations for TechEd next week to let you know that we made our regular advance notificationfor the upcoming monthly security bulletin release next week: At approximately 10:00 am PT next Tuesday, June 13th 2006, we are planning to release a total of twelve security bulletins.
Thursday, June 08, 2006
Christopher Budd here again. I wanted to take a moment and mention a couple of things related to security updates and Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME). First, support for Windows 98, Windows 98 Second Edition, and Windows Millennium Edition (Me) ends on July 11, 2006, which is the July 2006 Monthly Bulletin Release date.
Friday, June 02, 2006
Hi everyone. It’s Stephen Toulouse again. We’re of course still hard at work on an update for the Word vulnerability. All indications still point to this being a very limited, targeted attack but we’re still spending a lot of time thinking about how customers can protect themselves from this vulnerability. Today we’ve made a couple of minor changes to the advisory we posted on this issue to provide more clarity on the workarounds.
Thursday, May 25, 2006
Hey everyone. Stephen Toulouse here. There has been a bit of a flurry of activity here in Redmond this morning when we noticed a couple of people releasing information about an SMB vulnerability in Windows 2000. We just want to let everyone know that we’ve investigated this claim and found the vulnerability being discussed is fixed by MS05-011, a security update released almost 16 months ago.
Tuesday, May 23, 2006
Hi everyone, Stephen Toulouse here again. Just wanted to make you aware that we have reached the point in our investigation of the limited attacks trying to use the Word vulnerability that provided us with enough information to develop some stronger workarounds and mitigations. We’ve posted all that into a new security advisory:
Saturday, May 20, 2006
Hi everyone, Stephen Toulouse here again. I wanted to catch you up on where we’re at with our investigation of the Word vulnerability. First off on the vulnerability itself: I want to reiterate we’re hard at work on an update. The attack vector here is Word documents attached to an email or otherwise delivered to a user’s computer.
Friday, May 19, 2006
Hi everyone, Stephen Toulouse here. We’ve been made aware of a new vulnerability in Microsoft Word XP and Word 2003. Customers using the Word viewer to view documents are not impacted. Yesterday we recieved a report that a customer had been subjected to a very targeted attack using this vulnerability.
Tuesday, May 16, 2006
Hello, This is Christopher Budd. I wanted to take a moment and let folks know that this month’s IT Pro Security newsletter has an article that I hope will be helpful for those of you who manage security updates. It’s called Ten Principles of Microsoft Patch Management and in it I try o outline not so much the “how” of patch management but rather more of the “why” behind what we do.
