MSRC

2011

December 2011 Bulletin Release Q&A and Slide Deck

Monday, December 19, 2011

Hello, today we published the December Security Bulletin Webcast Questions & Answers page. We fielded six questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. For more details on this month’s bulletins, click here to view the slide deck used in the webcast. See below to view the webcast.

December 2011 Security Bulletin Webcast Q&A

Thursday, December 15, 2011

Hosts: Jonathan Ness, Security Development Manager, MSRC; Jerry Bryant, Group Manager, Trustworthy Computing Communications
Website: TechNet/Security
Chat Topic: December 2011 Security Bulletin Release
Date: Wednesday, December 14, 2011
Q: Some of my users had issues with text being deleted from Word documents. Is this an issue with the Office security bulletin?

A look back at 2011’s security landscape

Tuesday, December 13, 2011

Hi everyone – Mike Reavey here. Today, we’re releasing our December set of security updates. As we do every month, we’re providing a heads-up on what’s coming in this month’s release as well as offering links to more information so you can plan your deployment. However, since this is the last set of regular monthly security updates this year, I thought I’d take a minute to look back at some of the discoveries the MSRC made in the process of issuing the year’s bulletins.

Assessing the risk of the December 2011 security updates

Tuesday, December 13, 2011

Today we released thirteen security bulletins. Three have a maximum severity rating of Critical with the other ten having a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment.

Bulletin | Most likely attack vector | Max Bulletin Severity | Max Exploit-Ability Index | Likely first 30 days impact | Platform mitigations and key notes
MS11-087 (TTF Font parsing) | Victim opens a malicious Office document or browses to a malicious website.

More information on MS11-087

Tuesday, December 13, 2011

Today, we released MS11-087 addressing an issue in the font parsing subsystem of win32k.sys, CVE-2011-3402. The bulletin received a Critical rating due to a potential browser-based attack vector. We have not seen the browser-based attack vector exploited in the wild. The bulletin includes a workaround to disable this remote code execution attack surface.

More information on the December 2011 ActiveX Kill Bits bulletin (MS11-090)

Tuesday, December 13, 2011

This month we released MS11-090 to address a vulnerability in the Microsoft Time component (CVE-2011-3397), which features the deprecated time behavior that is still supported in IE6. We would like to provide further information about this issue and help explain why a “binary behavior kill bit” is the appropriate course of action.

The December bulletins are released

Tuesday, December 13, 2011

Hello. As I previously mentioned in the Advance Notification Service blog post on Thursday, today we are releasing 13 security bulletins, three of which are rated Critical in severity, and 10 Important. These bulletins will increase protection by addressing 19 unique vulnerabilities in Microsoft products. Customers should plan to install all of these updates as soon as possible.