Wednesday, April 21, 2010
Hi, MS10-025 is a security update that only affects Windows 2000 Server customers who have installed Windows Media Services (this is a non-default configuration). Today we pulled the update because we found it does not address the underlying issue effectively. We are not aware of any active attacks seeking to exploit this issue and are targeting a re-release of the update for next week.
Monday, April 19, 2010
The XSS Filter related Blackhat EU presentation discussed a vulnerability that was previously disclosed and addressed in the January security update to Internet Explorer (MS10-002). This attack scenario involved modified HTTP responses, enabling XSS on sites that would not otherwise be vulnerable. An additional update to the IE XSS Filter is currently scheduled for release in June.
Friday, April 16, 2010
Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Group Manager, Response Communications Website: TechNet/security Chat Topic: April 2010 Security Bulletin Release Date: Tuesday, April 13, 2010 Q: Are the MS10-023 and MS10-028 updates available via Window Server Update Services (WSUS)? They were not listed in KB894199, or as an exception by KB910723?
Thursday, April 15, 2010
Mark Curphey here. I run the Subscriptions Engineering Team in Server & Tools Online, where we build complex customer facing web sites like MSDN and TechNet, supporting millions of users. For the last 15 years, I have always held security roles, most recently heading up the Information Security Tools team here at Microsoft, where we were best known for building static code analysis tools and web protection libraries for managed code.
Tuesday, April 13, 2010
Hi everyone, Today, as part of our monthly security update cycle, we are releasing ** 11 security bulletins to address 25 vulnerabilities: five rated Critical, five rated Important and one rated Moderate. This month’s release affects Windows, Microsoft Office, and Microsoft Exchange. Additionally, the Malicious Software Removal Tool (MSRT) was updated to include Win32/Magania.
Monday, April 12, 2010
Today we released eleven security bulletins with security updates addressing 25 CVE’s. Five of the bulletins have at least one CVE rated Critical. We hope that the table below helps you prioritize this month’s deployment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Index Likely first 30 days impact Platform mitigations and key notes MS10-027 (WMP) Victim browses to a malicious webpage.
Monday, April 12, 2010
Handle: Jman IRL: Jerry Bryant Rank: Group Manager, Response Communications Likes: Quad lattes, geek toys, responsible disclosure Dislikes: Tomatoes, slow drivers (frontgaters) As a follow on to the WGA and Security Updates post by Dustin Childs, I wanted to address another common question we get regarding both security and non-security updates that customers receive from Microsoft through Windows Update or Microsoft Update.
Monday, April 12, 2010
Today Microsoft released MS10-020, which addresses several vulnerabilities in the Windows SMB client. This blog post provides additional details to help prioritize installation of the update, and understand the attack vectors and mitigations that apply. Client-side vulnerabilities The first thing to realize is that this update addresses vulnerabilities in the SMB ** client ** in Windows.
Monday, April 12, 2010
4/13/2010 Update: The migration to the new mail system has not gone fully as planned but the good news in our update today is that we “will” be using a microsoft.com email address to send the security notifications to customers. The bad news is that PGP signing is not working correctly in the new system so the mailers going out today announcing our security bulletin release will not be signed.
Monday, April 12, 2010
MS10-021 addresses eight different Windows vulnerabilities. Five of them, CVE-2010-0234 through CVE-2010-0238, stem from an obscure bit of Windows registry functionality called “registry links”. A quick search in MSDN reveals this description: “REG_LINK: Specifies a Unicode symbolic link. Used internally. Applications do not use this type”. Clear as mud, right? Registry links are similar to symbolic links in NTFS (http://msdn.
