Tuesday, May 10, 2005
Debby Fry Wilson here! I had the opportunity to attend the CanSecWest security research conference in Vancouver, Canada last week. It was a tremendously valuable and eye-opening experience to see and hear the passion, dedication and commitment that segments of security researchers put into their craft of finding and exposing security vulnerabilities in software products.
Tuesday, May 10, 2005
Hi everyone, Mike Reavey here to tell you about today’s security bulletin and some other offerings to help protect and provide guidance for customers. Today’s release includes one bulletin affecting Windows 2000. It’s rated as “Important”. (This update addresses the recently disclosed “greymagic” vulnerability that Stephen blogged about a few weeks back.
Wednesday, April 20, 2005
Stephen Toulouse here with the MSRC, just wanted to provide everyone with some information related to public reports of a possible vulnerability in Microsoft Windows that was publicly disclosed. The issue involves the Windows Shell, and our initial investigation has found that significant user interaction would be required for an attacker to exploit this vulnerability.
Tuesday, April 12, 2005
Hey everyone, this is Mike Reavey from the MSRC. Welcome to the Microsoft Security Response Center Blog’s new home! We here at the MSRC started the blog for our time at RSA 2005, but we had such great support and positive responses from customers that we’ve have decided to keep it going.
Tuesday, March 15, 2005
A little bit about the Security Update Validation Program Late last week there was some confusion about the Security Update Validation program, and I wanted to take a minute to explain how the program works and our reasons behind implementing it. To start, the Security Update Validation Program (SUVP) was tested for about a year before we officially announced it in January.
Tuesday, March 08, 2005
And introducing…. I’m Mike Reavey the Operations Lead for the Microsoft Security Response Center. I wanted to take a second to introduce myself and what my team does within the MSRC. Have you ever wondered who’s watching secure@microsoft.com around the clock to respond to new vulnerabilities? Or who works with the security researchers, product teams, and external partners to ensure a security update is complete and delivered to our customers?
Friday, February 18, 2005
A Post-RSA Nap By now it’s no secret that this year we decided to use RSA to help people understand a little more about the MSRC, who we are, what we do, and especially why we do it. The answer to that last, by the way, is a combination of “we are committed to doing our best to help our customers understand and react to security threats” and of course because “we love it”.
Friday, February 18, 2005
The MSRC heads back to Redmond In addition to spending time with customers and partners at RSA – as well as some eager, repeat “Wheel” fans – we had the opportunity to spend a couple of evenings with some of the journalists who cover security issues. This was a particularly valuable opportunity for the team to build relationships with security reporters and to share insights with them into what we do.
Thursday, February 17, 2005
Helping Customers Face to Face It’s hard work to stand the whole day, as anyone who has worked a conference will tell you. But it’s really also a lot of fun to hear the stories from our customers (though I do fear I’m going to learn some kind of Pavlovian response to the “click click click” of the MSRC “Wheel of Fortune” in my ear the whole day!
Thursday, February 17, 2005
Musings at midnight from the “W” bar For reasons that are not entirely clear to me, I found myself hanging out in a very crowded “W” bar at midnight last night – well past my bedtime – unless, of course, there is some security incident, in which case I would be sitting in my chair at our war room looking and sounding grouchy – but anyway I digress – back to the “W” bar .
