Tuesday, July 13, 2010
Hi everyone. As part of our usual monthly update cycle, today Microsoft is releasing four security bulletins to address five vulnerabilities in Windows and Microsoft Office. MS10-042 resolves a publicly disclosed and actively exploited vulnerability discussed in Security Advisory 2219475. The update addresses an issue in the Windows Help and Support Center feature included in Windows XP and Windows Server 2003.
Thursday, July 08, 2010
Hi everyone. Today we’re releasing our advance notification for the July security bulletin release, which is scheduled for Tuesday, July 13. This month’s release includes four bulletins addressing five vulnerabilities. Two bulletins, both with a severity rating of Critical, affect Windows. Two of the bulletins affect Microsoft Office; of those, one carries a Critical severity rating and one is rated Important.
Tuesday, June 08, 2010
Hi everyone, Today, as part of our regular monthly security bulletin release cycle, we released 10 bulletins to address 34 total vulnerabilities in Windows, Microsoft Office (including SharePoint), Internet Explorer (IE), Internet Information Services (IIS), and the .NET Framework. Only three of these bulletins get our maximum severity rating of Critical.
Thursday, June 03, 2010
Hi everyone, Today we published our advance notification for the June security bulletin release, scheduled for release next Tuesday, June 8. This month’s release includes ten bulletins addressing 34 vulnerabilities. Six of the bulletins affect Windows; of those, two carry a Critical severity rating and four are rated Important. Two bulletins, both with a severity rating of Important, affect Microsoft Office.
Tuesday, May 11, 2010
Today we released bulletin MS10-031 addressing vulnerability CVE-2010-0815 in the VBE6.DLL library. VBE6.dll is part of Visual Basic Environment and can be used by many Microsoft products, including Microsoft Office. We wanted to share a little more detail about this vulnerability to help you make a risk decision regarding its exploitability.
Thursday, May 06, 2010
Hi everyone, Today we published our advance notification for the May security bulletin release letting customers know that next Tuesday, May 11, we will release two Critical bulletins addressing two vulnerabilities - one in Windows and one in Office. Windows 7 and Windows Server 2008 R2 customers will be offered the Windows related update but they are not vulnerable in their default configurations.
Monday, May 03, 2010
Hi everyone, Here’s an update on MS10-016, a Windows Movie Maker bulletin we released in March 2010. At the time, we did not have an update for Microsoft Producer 2003. Today we have released a new version of Microsoft Producer that replaces the old version. We recommend that all customers using Producer 2003 upgrade to the new version located here.
Thursday, April 29, 2010
Hello. Today we released Security Advisory 983438, addressing a cross-site scripting (XSS) vulnerability in SharePoint Server 2007 and SharePoint Services 3.0 that could allow Elevation of Privilege (EoP) within the SharePoint site itself. Servers are at reduced risk from Internet Explorer 8 clients, as the Internet Explorer 8 XSS filter helps to mitigate the issue in the internet zone.
Thursday, April 08, 2010
Hi everyone, Our ANS (Advance Notification Service) went out today informing customers that next Tuesday we will release 11 bulletins addressing 25 vulnerabilities in Windows, Microsoft Office, and Microsoft Exchange. We recommend that customers review the ANS summary page and prepare to test and deploy the bulletins as quickly as possible.
Tuesday, February 09, 2010
MSRC Bulletin Release Blog Post Hi everyone, As mentioned in our ANS blog post last week, today we are releasing 13 bulletins addressing 26 vulnerabilities. 11 bulletins affect Windows and 2 affect older versions of Microsoft Office. In the post on Thursday, we mentioned that bulletins in the ANS listed as 1, 2, 3, and 6 were going to top our deployment priority list this month.
