Skip to main content
MSRC

Security Update

April 2010 Bulletin Release Advance Notification

Thursday, April 08, 2010

Hi everyone, Our ANS (Advance Notification Service) went out today informing customers that next Tuesday we will release 11 bulletins addressing 25 vulnerabilities in Windows, Microsoft Office, and Microsoft Exchange. We recommend that customers review the ANS summary page and prepare to test and deploy the bulletins as quickly as possible.

March Out-of-Band Security Bulletin Webcast

Monday, April 05, 2010

Hi everyone, Last week Adrian Stone and I conducted a webcast to cover the Internet Explorer out-of-band security bulletin release. We only spent a short period of timing on the presentation and then spent the rest of the time answering customer questions which you can read here. There were some interesting questions and hopefully those who attended came away with a better understanding about how to better protect themselves from emerging threats.

Out-of-Band Security Bulletin Webcast Q&A - March 30, 2010

Tuesday, March 30, 2010

Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Group Manager, Response Communications Website: TechNet/security Chat Topic: March 2010 Out-of-Band Security Bulletin Date: Tuesday, March 30, 2010 Q: CVE-2010-0483 , like CVE-2010-0806 , is a remote code executable vulnerability with an exploit code that has been published and publicly available since March 1, 2010.

Security Bulletin MS10-018 Released

Tuesday, March 30, 2010

Hi everyone, Today we released MS10-018 out-of-band due to increases in attacks against Internet Explorer 6 and Internet Explorer 7 using the vulnerability discussed in Security Advisory 981374. I want to reiterate that Internet Explorer 8 is not affected by this issue so customers using this version are not affected by these attacks and we continue to encourage customers to upgrade to the newer version because it provides more security and protection.

Internet Explorer Cumulative Update Releasing Out-of-Band

Monday, March 29, 2010

Today we issued our Advanced Notification Service (ANS) to advise customers that we will be releasing security update MS10-018 tomorrow, March 30, 2010, at approximately10:00 a.m. PDT (UTC-8). MS10-018 resolves Security Advisory 981374, addressing a publicly disclosed vulnerability in Internet Explorer 6 and Internet Explorer 7. Internet Explorer 8 is unaffected by the vulnerability addressed in the advisory and we continue to encourage all customers to upgrade to this version to benefit from the improved security protection it offers.

March 2010 Security Bulletin Webcast

Monday, March 15, 2010

Hello, Today we published the Questions & Answers from the March 2010 Security Bulleting webcast. We answered a total of 13 questions concerning the March bulletins and open Security Advisories. No particular themes emerged from the questions but there were some good ones so please review them. The video covers the core part of the presentation Adrian Stone and I gave during the webcast.

Update: MS10-015 security update re-released with new detection logic

Tuesday, March 02, 2010

Hi, I am writing to let you know that we have revised the installation packages for MS10-015 with new logic that prevents the security update from being installed on systems if certain abnormal conditions exist. Such conditions could be the result of an infection with a computer virus such as the Alureon rootkit.

Update - Restart Issues After Installing MS10-015 and the Alureon Rootkit

Wednesday, February 17, 2010

Hi, We wanted to provide you with an update on our ongoing investigation into the “blue screen” issues affecting a limited number of customers who installed MS10-015. We have been working around the clock with our customers, partners and several teams at Microsoft to determine the cause of these issues. Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit.

Monthly Security Bulletin Webcast Q&A - February 2010

Thursday, February 11, 2010

Hosts: Adrian Stone, Senior Security Program Manager Lead Jerry Bryant, Senior Security Communications Manager Lead Website: TechNet/security Chat Topic: February 2010 Security Bulletin Release Date: Wednesday, February 10, 2010 Q: MS10-003 supersedes MS09-062 which was released for Windows in addition to Office. Does MS10-003 supersede only the Office XP components of MS09-062 or does it supersede all of MS09-062?