Podcasts are online!
Friday, March 17, 2006
Caleb Sima: Exploiting Web Applications Halvar Flake: BinDiff Analysis HD Moore: How not to deploy ASP.Net applications & Metasploit Alexander Kornbrust: Database Viruses & Rootkits Enjoy, Brad Sarsfield
Microsoft Security Response Center Blog
BlueHat Blog quoted in press
Thursday, March 16, 2006
The BlueHat blog has been up less than 24 hours, and it was quoted this morning in an article by Robert McMillan on InfoWorld. That article has already hit /. Some of the comments are pretty funny… I can’t wait for the speaker podcasts and channel9 video to go live so people can hear directly from the BlueHat speakers!
Bluehat v3 first thoughts
Thursday, March 16, 2006
Hi, I’m Brad Sarsfield (bradsa!); I’m the SQL guy here. One of the interesting things about me and my team is that I own the ‘slammer’ component in SQL Server, so by that very nature quite a large part of my job description is to ensure (and I quote) “that never … ever … happens again”.
Welcome to the BlueHat blog site!
Wednesday, March 15, 2006
BlueHat 3 just completed last week, and all I can say is WOW. Great speakers. Great presentations. Packed audience. You can read the session abstracts and speaker bios here to see what I’m talking about. OH! I should introduce myself. Where are my manners? I’m Kymberlee Price, a Security Program Manager at Microsoft.
March 2006 Bulletin Release
Tuesday, March 14, 2006
‘I want my two… bulletins’. For some reason an unrelenting paperboy’s quest for two dollars seems to echo in my mind today. It seems so small yet it is so important. Well today the MSRC released two new bulletins. One for Office and the other for Windows, more info below. The Windows one addresses an issue you may have been following via our advisories, 914457.
March 2006 Advanced Notification
Thursday, March 09, 2006
Hey folks, Mike Reavey here, I wanted to take a quick second to make sure everyone saw the Advance Notification for the Security Bulletin release for March. This coming Tuesday, the 14th, we’re planning to release two security bulletins, and they are being released for Windows for Office. The maximum total severity rating for this month is Critical, so please update systems as soon as possible when they are available on Tuesday.
Security advisory posted, and RSA thoughts.
Tuesday, February 28, 2006
Hi everyone, Stepto here. (I’m giving up on the “Stephen Toulouse here” after many people I met at RSA greeted me as “Stepto”, but as a side note since I created the blog under “Stepto” please remember that posts made by individuals on the MSRC are made by themselves and not me.
Information about Today's Bulletin Release and MS06-007 on Microsoft Update/Windows Update
Tuesday, February 14, 2006
Hey folks – Craig here taking a step away from the Tuesday release. So, we’ve released seven Security Bulletins today. Real quick, I wanted to give you an overview of them. * MS06-004 only applies to IE5.01 SP4 and is rated as Critical. * MS06-005 is rated critical and applies to Windows Media Player on Microsoft Windows.
MS06-007 update, and one year of blogging.
Tuesday, February 14, 2006
Hey folks, Stephen Toulouse here blogging live from San Jose, at the RSA 2006 security conference. First a quick update on the MS06-007 update issue Craig mentioned earlier. This situation is now resolved and customers should be able to get the update. I want to reiterate that the problem had nothing to do with the update itself, you applied it manually from the download center or got it through SUS 1.
Information on IE Drag and Drop Issue
Monday, February 13, 2006
Hey – Brian here, As we’re gearing up for release tomorrow I wanted to take a second to discuss a recent posting of a security issue to some mailing lists. Matt Murphy, a well known security researcher posted an alert today regarding a “drag and drop” issue affecting Windows. I actually handled this case and worked with Matt.