Tuesday, November 02, 2010
Ian: Having a mild case of “professional ADHD” is probably what got me started on this whole “cyber” thing. Having done research, development, integration and consulting in the past, I was starting to get too many unanswered questions in my mind when dealing with customers and individuals who were being compromised left and right.
Thursday, September 16, 2010
Handle: Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of crypto breaking, warm vodka martni Microsoft often has the pleasure of welcoming foreign government officials to our headquarters. MSR
Monday, August 02, 2010
Hello, As we announced on Friday, today we released Security Bulletin MS10-046 out-of-band to address a vulnerability in Windows. This security update addresses a vulnerability in the handling of shortcuts that affects all currently supported versions of Windows XP, Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2. As our colleagues over in the MMPC have noted, several families of malware have been attempting to attack this vulnerability.
Thursday, July 29, 2010
Today we’re announcing plans to release a security update to address the vulnerability discussed in Security Advisory 2286198 on Monday, August 2, 2010 at or around 10 AM PDT. We are releasing the bulletin as we’ve completed the required testing and the update has achieved the appropriate quality bar for broad distribution to customers.
Wednesday, March 10, 2010
Handle: Mando Picker IRL: Dustin Childs Rank: Security Program Manager Likes: Protecting customers, working with security researchers, second Tuesdays, bourbon, mandolins Dislikes: Using “It’s hard” as an excuse, quitting when it gets tough, banjos One of the things I get to do in the Microsoft Security Response Center (MSRC) is talk to our customers and tell them about the process by which Microsoft identifies potential security vulnerabilities in its products, eliminates those vulnerabilities, and provides remediation and information to customers.
Tuesday, March 02, 2010
Hi, I am writing to let you know that we have revised the installation packages for MS10-015 with new logic that prevents the security update from being installed on systems if certain abnormal conditions exist. Such conditions could be the result of an infection with a computer virus such as the Alureon rootkit.
Wednesday, February 17, 2010
Hi, We wanted to provide you with an update on our ongoing investigation into the “blue screen” issues affecting a limited number of customers who installed MS10-015. We have been working around the clock with our customers, partners and several teams at Microsoft to determine the cause of these issues. Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit.
Monday, November 23, 2009
Handle: Cap’n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run Hi! It’s been a while since I’ve had a chance to blog about all the things we have been doing here.
Sunday, September 13, 2009
Handle: C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! BlueHat v9 will take place from October 21 to 23 at the Microsoft campus in Redmond. Last year, we experimented with a day dedicated to attacks and a day dedicated to SDL security mitigations.
Tuesday, June 02, 2009
Handle: C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! Hey folks! I know this is typically the time of year when birds are chirping, the rain is _supposed _to be letting up, and those of you in the BlueHat network who are normally invited to attend the Spring BlueHat conference are asking yourselves, “Why did MSRC start doing the con only once a year?
