Friday, November 14, 2008
Hi, During this month’s webcast we were able to address 12 questions in the time allotted. The questions were spread fairly evenly across both bulletins. We also fielded questions regarding the Exploitability Index and the MS08-067 form the October Out-of-Band Release. Here is the link to the full Q&A so you can see all of the answers that were provided for these great questions:
Wednesday, November 12, 2008
Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns Hey folks – We’ve just released the November Security Bulletins and that also marks the one-month point after the release of the initial Exploitability Index in October.
Tuesday, November 11, 2008
小野寺です。 11 月のワンポイントセキュリティを公開しました。 2008 年 11 月のワンポイントセキュリティ情報は、
Tuesday, November 11, 2008
小野寺です 今月は、事前通知からの変更はなく、予定通り、計 2 件 (緊急 1 件, 重要 1 件)を公開しました。 *
Tuesday, November 11, 2008
Hi, this is Christopher Budd. We’ve received some questions from customers about MS08-068 and its relationship to an issue that was first discussed in 2001, called the SMBRelay attack. Specifically, we’ve gotten some questions about why, in 2008, we’re releasing an update that addresses an issue first discussed in 2001. Since I was in the MSRC back in 2001 when this was all first discussed, I feel well placed to answer that.
Tuesday, November 11, 2008
Today Microsoft released a security update, MS08-068, which addresses an NTLM reflection vulnerability in the SMB protocol. The vulnerability is rated Important on most operating systems, except Vista and Windows Server 2008 where it has a rating of Moderate. This blog post is intended to explain why the issue is less severe on Vista and Windows Server 2008, and provide some additional details to help people determine the risk they face in their environment.
Tuesday, November 11, 2008
Hi! This is Tami Gallupe, MSRC Release Manager and I just wanted to give you an update on the two bulletins we released today: • MS08-068: Vulnerability in SMB Could Allow Remote Code Execution (957097). This has a severity rating of Important. • MS08-069: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218).
Thursday, November 06, 2008
小野寺です。 今月は、計 2 件 (緊急 1 件, 重要 1 件) の公開を予定しています。 リリース日は、週明け水曜日 (11/12)
Thursday, November 06, 2008
Hello, Bill here. I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, Nov. 11, 2008 around 10 a.m. Pacific Standard Time. It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.
Wednesday, November 05, 2008
Hi, this is Christopher Budd. We’ve been getting some questions from customers this week asking if we’ve seen any changes in the threat environment around MS08-067. We do have some information that we can share so I wanted to pass that along. Most importantly, we continue to see strong deployments of MS08-067.
