October 2009 Bulletin Release Advance Notification

Advance Notification for the October 2009 Security Bulletin Release For October we are releasing 13 bulletins (eight critical and five important), addressing 34 vulnerabilities, affecting Windows, Internet Explorer, Office, Silverlight, Forefront, Developer Tools, and SQL Server. Most of these updates require a restart so please factor that into your deployment planning. Among the updates this…

0

September 2009 Security Bulletin Webcast Video and Customer Q and A

In the September 2009 security bulletin webcast, it was clear that customers had a lot of concerns about MS09-048 as almost half the questions we answered were on that topic. The questions and answers from the session are now posted here on the blog. As we mentioned in the webcast, The MS09-048 bulletin has been…

0

Microsoft Security Advisory 975497 Released

We’ve just released Microsoft released Security Advisory 975497 that provides information about a new, irresponsibly reported vulnerability in SMB 2.0. Our investigation has shown that Windows Vista, Windows Server 2008 and Windows 7 RC are affected by this vulnerability. Windows 7 RTM, Windows Server 2008 R2, Windows XP and Windows 2000 are not affected by…

0

Microsoft Security Advisory 975191 Revised

Hi Everyone, Today we updated Security Advisory 975191 as we are now seeing limited attacks.  Additionally, a new proof of concept published allowing for Denial of Service (DoS) attacks on Windows XP and Windows Server 2003 with read access to the File Transfer Protocol (FTP) service. This does not require Write access.  Also, a new POC…

0

September 2009 bulletin Release

Advance Notification for the September 2009 Security Bulletin Release This month we will be releasing 5 security bulletins, all affecting Windows, and all with an aggregate severity rating of critical. As always, the target for release is the second Tuesday of the month at 10:00 a.m. PDT (UTC -8). Please check back here at that…

0

Microsoft Security Advisory 975191 Released

Hi Everyone, This is Alan Wallace, senior communications manager for our security response communications team.  Today, Microsoft released Security Advisory 975191, to provide customer guidance and protection from a vulnerability that could allow remote code execution on affected systems running the FTP service in Microsoft Internet Information Services (IIS) 5.0, 5.1 and 6.0, and connected…

0

August 2009 Bulletin Release

Summary of Microsoft’s Security Bulletin Release for August 2009 Hi everyone, This month, we released nine security bulletins. Five of those are rated Critical and four have an aggregate severity rating of Important. Of the nine updates, eight affect Windows and the last one affects Office Web Components (OWC). It is also important to note…

0

Security Bulletin Webcast Video, Questions and Answers – July 2009

Today Adrian Stone and I conducted the security bulletin webcast for June covering the six bulletins we released yesterday and Security Advisory 973472 (vulnerability in Office Web Components). There were several questions about MS09-028 and MS09-032. These security updates addressed two open security advisories (971778 and 972890 respectively). One common question was “if I installed…

0

July 2009 Bulletin Release

Summary of Microsoft’s monthly security bulletin release for July 2009. This month we are releasing six bulletins. Three of those affect Windows and are rated Critical. All three of those also have an Exploitability Index rating of “1” which means that we believe that consistent exploit code in the wild is highly likely within the…

0

Microsoft Security Advisory 973472 Released

Hi Everyone,   This is Dave Forstrom, group manager for our security response communications team.  We have just posted Microsoft Security Advisory 973472, which highlights a vulnerability in Microsoft Office Web Components. Specifically, the vulnerability exists in the Spreadsheet ActiveX control and while we’ve only seen limited attacks, if exploited successfully, an attacker could gain…

0