Thursday, May 17, 2012
As a part of the Industry Consortium for Advancement of Security on the Internet (ICASI), Microsoft is pleased to present an initial set of monthly security updates – originally released on May 8 – in the consortium’s newly established Common Vulnerability Reporting Framework (CVRF) format, for your examination and feedback. Today, ICASI released version 1.
Tuesday, March 13, 2012
Hello. Today we’re releasing six security bulletins – one Critical-class, four Important and one Moderate – addressing seven issues in Microsoft Windows, Visual Studio, and Expression Design. We recommend that customers focus on MS12-020, our sole critical-class bulletin, as the March deployment priority. A little about MS12-020: MS12-020 (Windows) : This bulletin addresses one Critical-class issue and one Moderate-class issue in Remote Desktop Protocol (RDP).
Tuesday, February 14, 2012
Ever wondered where Update Tuesday bulletins come from, or what it’s like around Microsoft when a serious information-security situation arises? Or wondered who precisely is responsible for getting your monthly bulletin releases out the door? Update Tuesday, which brings us here today, is one of the most prominent results of that famous Bill Gates memo that put security at the center of Microsoft’s development and support efforts – just over 10 years ago.
Thursday, December 29, 2011
Today we released MS11-100, addressing a newly disclosed denial-of-service vulnerability affecting several vendors’ Web application platforms, including Microsoft’s ASP.NET. Yesterday, we posted an SRD blog describing the vulnerability and the detection and workaround opportunities. With this blog post, we’d like to update you on the following topics: Why is this bulletin rated “Critical” for a Denial-of-Service vulnerability?
Tuesday, December 13, 2011
Hi everyone – Mike Reavey here. Today, we’re releasing our December set of security updates. As we do every month, we’re providing a heads-up on what’s coming in this month’s release as well as offering links to more information so you can plan your deployment. However, since this is the last set of regular monthly security updates this year, I thought I’d take a minute to look back at some of the discoveries the MSRC made in the process of issuing the year’s bulletins.
Tuesday, December 13, 2011
Hello. As I previously mentioned in the Advance Notification Service blog post on Thursday, today we are releasing 13 security bulletins, three of which are rated Critical in severity, and 10 Important. These bulletins will increase protection by addressing 19 unique vulnerabilities in Microsoft products. Customers should plan to install all of these updates as soon as possible.
Saturday, October 15, 2011
Hello, Today we published the October Security Bulletin Webcast Questions & Answers page. We fielded eight questions across all bulletins. There was one question that we were unable to answer during the webcast due to time constraints, and we have included all questions and answers on the Q&A page. We invite our customers to join us for the next public webcast on Wednesday, November 9th at 11am PDT (UTC -7), when we will go into detail about the November bulletin release and answer questions live on the air.
Friday, September 16, 2011
Hello, Today we published the September Security Bulletin Webcast Questions & Answers page. We fielded 15 questions primarily regarding the Diginotar Certificate compromise and the associated Security Advisory. There was one question that we were unable to answer during the webcast due to time constraints, and we have included all questions and answers on the Q&A page.
Thursday, August 11, 2011
Hello, Today we published the August Security Bulletin Webcast Questions & Answers page. We fielded six questions on various topics during the webcast, including bulletins released and the Malicious Software Removal Tool. There was one question that we were unable to answer during the webcast due to time constraints, and we have included all questions and answers on the Q&A page.
Tuesday, August 09, 2011
Hello all. It has been very nearly a week since our BlueHat Prize contest announcement at Black Hat. Now that everyone’s had some time to digest the basics, we’ve asked Senior Security Strategist and chief BlueHat Prize architect Katie Moussouris to stop by the Trustworthy Computing studio today at 11 a.
