Security Bulletins for the Regular IT Guy – Episode 14 – 4/13/2010

Over pints Pierre Roman, Bruce Cowper and Rick Claus decided they would put together a concise and timely podcast each “Update Tuesday”. The object is to keep it simple by letting you know in plain non technical language what the updates are, what they resolve and why you should care.

Have a listen directly from the embedded Silverlight player OR subscribe to the feed and download it to your iTunes / Zune software. 

As always - if you have suggestions on making it better - please pass on your comments. Mail Rick directly  – rick.claus@microsoft.com

Direct Download:

Subscribe to the podcast: (so you don't miss an episode)

Disclaimer: This podcast was produced with the best information available to us at the time of recording. Your primary source for all things Security Bulletin related should always be the Microsoft Security Response Center blog.

In Depth Webcast on this bulletin will take place: Wednesday, April 14th - 11:00 a.m. PST (UTC -8). (Registration link):

Bulletins discussed for April 13th, 2010:

• MS10-019 - Vulnerabilities in Windows Could Allow Remote Code Execution (981210)
• MS10-020 - Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232)
• MS10-021 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683)
• MS10-022 - Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169)
• MS10-023 - Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160)
• MS10-024 - Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832)
• MS10-025 - Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858)
• MS10-026 - Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816)
• MS10-027 - Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402)
• MS10-028 - Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094)
• MS10-029 - Vulnerability in Windows ISATAP Component Could Allow Spoofing (978338)

Podcast Participants: Pierre Roman, and Bruce Cowper.

Additional Technical Show Notes:

• Recorded at the Ottawa Microsoft Office at the World Exchange Plaza, 100 Queen Street.

New Twitter feed

I wanted to let you know that the MSRC has launched a Twitter feed @MSFTSecResponse https://twitter.com/msftsecresponse

they will use this account to augment the content from the blog. For example, they will use the account to rapidly respond to emerging issues while they are gathering information for a more complete blog post. In addition, they will also use the account as a way to push content to their followers quickly.

Microsoft Security Compliance Manager (https://technet.microsoft.com/en-us/library/cc677002.aspx)

The Security Compliance Manager is the next evolution of the Security Compliance Management Toolkit (SCMT) Series. We’ve taken our extensive guidance and documentation and incorporated it into this new tool, enabling you to access and automate all of your organization’s security baselines in one centralized location.

The Security Compliance Manager provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies.

PodSafe music from PodSafe Music Network @ https://music.podshow.com/ . Artist: Derek K Miller , song - “You’re the Big Sky - rock guitar instrumental”

IT Pro Team Blog | IT Managers Blog |Twitter | Facebook | LinkedIn

https://media.libsyn.com/media/cdnitmanagers/episode15-04-2010.mp3