Skip to main content
MSRC

Month Archives: December 2008

Advance Notification for December 2008 Out-of-Band Release

Tuesday, December 16, 2008

Hi this is Christopher Budd, We’ve just published our Advance Notification for an out-of-band security bulletin release. We plan to release the security update tomorrow, Dec. 17, 2008 to address the vulnerability we’ve discussed in Microsoft Security Advisory 961051. Our target time, as always, is 10:00 a.m. Pacific Time. We’ll be holding two special webcasts to give you details and take your questions.

Clarification on the various workarounds from the recent IE advisory

Friday, December 12, 2008

Today Microsoft revised the Workarounds section of Security Advisory 961051. We wanted to share more detail about the vulnerability and explain the additional workarounds here to help you protect your computers. Information about the vulnerability The vulnerability is caused by memory corruption resulting from the way Internet Explorer handles DHTML Data Bindings.

Friday update for Microsoft Security Advisory 961051

Friday, December 12, 2008

Hi this is Christopher Budd, I wanted to give you a quick update on a couple of new things today related to Microsoft Security Advisory 961051. We’ve made another revision to the advisory today. Our research teams are working around the clock to help identify better, more effective workarounds to give customers more options to evaluate and we’ve updated the advisory with the latest information from their research.

Microsoft Security Advisory 961051 Updated

Thursday, December 11, 2008

Hello, This is Christopher Budd, We’ve just posted a revision to Microsoft Security Advisory (961051) with the latest information from our ongoing work around this issue. While the known attacks are only targeting Internet Explorer 7, we have found that the underlying vulnerability affects all currently supported versions of Internet Explorer.

Microsoft Security Advisory 961051

Wednesday, December 10, 2008

Hello, Bill here, I wanted to let you know that we have just posted Microsoft Security Advisory (961051). This advisory contains information regarding new attacks against a new vulnerability in Internet Explorer. At this time, we are aware of limited attacks attempting to use the reported vulnerability, but we will continue to track this issue.

December 2008 Monthly Bulletin Release

Tuesday, December 09, 2008

Hi, This is Christopher Budd. I wanted to let you know that we’ve just released our security bulletins for December. The new bulletins for this month are: · MS08-070: Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) which is rated “Critical” · MS08-071: Vulnerabilities in GDI Could Allow Remote Code Execution (956802) which is rated “Critical”