
Microsoft Security Response Center Blog

BlueHat Hackers?

Thursday, March 30, 2006

There have been some misconceptions recently around both security researchers we bring in for Blue Hat, and security consulting companies that also help us make our products. I’ve even seen the phrase “Blue hat hackers” thrown around. While it was terribly flattering (and somewhat amusing) to the BlueHat team to see the incredibly talented consultants working with us to secure our products referred to as BlueHat Hackers, there really is no such thing.

An update on the IE ActiveX change from Mike Nash

Wednesday, March 29, 2006

Hi there. Mike Nash from the STU. Earlier this year, during our response to the WMF zero exploit with an out-of-band security update, I wrote a blog entry explaining the details of how we got to the decision to release that update early. I received a lot of feedback from customers around the world that the blog entry and the internal insights into our decision-making process in that situation were very helpful and that we should make it a consistent practice for issues that have widespread impact on customers and need more clarity.

Third party solutions to the Internet Explorer CreateTextRange vulnerability

Tuesday, March 28, 2006

Hi everyone, Mike Reavey here. I wanted to make everyone aware of some recent developments regarding the “Create TextRange” IE vulnerability. First off we’re still not seeing increased spread of attacks, and in fact have been very active in taking down sites as they come up with law enforcement. But attacks are still occurring so we certainly still recommend up to date AV software and our safe browsing guidance while we work on the update, and have updated the security advisory with a list of VIA partners that are currently providing protection.

Update regarding recent Internet Explorer attacks

Sunday, March 26, 2006

Hi gang, Stepto here again. The MSRC in combination with our internal and external partner teams have been working through the weekend looking at the recent attacks involving the IE vulnerability I mentioned previously. So far we’re still seeing only limited attacks. But our anti-malware team, as always, is on the case and has uploaded removal information for the attacks to date to Windows Live Safety Center.

Recent exploits regarding the Internet Explorer HTML handling vulnerability.

Friday, March 24, 2006

Hi everyone, Stepto here. Today the MSRC became aware of public reports of attacks on some PC users utilizing the vulnerability that Lennart posted about in Internet Explorer. Here’s what we know. The attacks are limited in scope for now and are being carried out by malicious Web sites exploiting a vulnerability in the method by which Internet Explorer handles HTML rendering.

New publicly disclosed vulnerability in Internet Explorer

Wednesday, March 22, 2006

Hi, It’s Lennart again. Wanted to let you know that today we saw another public posting around a vulnerability in Internet Explorer. This one is different than the crash bug I wrote about earlier. The public posting speaks about createTextRange() and a way that this could be utilized to get code to run when visiting a specially crafted Web page.

Where can you learn more?

Tuesday, March 21, 2006

The BlueHat team has been getting a lot of questions from both inside and outside of Microsoft asking if we are going to publicly post video or audio recordings of the BlueHat presentations, or if we are going to hoard the BlueHatty goodness and keep the presentation details all to ourselves… A totally valid question since all of our BlueHat presentations from 2005 and 2006 are fantastic and things any developer or IT Pro could benefit from seeing.

Publicly disclosed vulnerability in Internet Explorer

Monday, March 20, 2006

Hi everyone, Lennart Wistrand here. You may have heard about an IE crashing vulnerability that was unfortunately publicly posted before the weekend. We just wanted to make a quick note here that, as always, we’re investigating it. So far we’ve determined that visiting a page that exploits it could cause IE to fail.

David Litchfield’s BlueHat talk

Friday, March 17, 2006

Brad Sarsfield here again. I’d like to share with you my thoughts on David Litchfield’s BlueHatv3 talk. David Litchfield is the Chief Research Scientist at Next Generation Security Software (NGS) and spoke to a 600+ standing room only crowd at Bluehat 3 on March 9th. David took us through his thoughts on the current state of the database security world and talked about his current areas and focus of his research.

Exploiting Web Applications

Friday, March 17, 2006

Over the next few days we’ll all be writing about the BlueHat sessions… Today I’m excited to have a chance to tell you more about the Exploiting Web Applications presentation made by Caleb Sima, CTO and co-founder of SPI Dynamics at BlueHat 3 on March 9th. (Listen to a podcast interview with Caleb here.