Microsoft releases Security Advisory 2963983

Today, we released Security Advisory 2963983 regarding an issue that impacts Internet Explorer. At this time, we are only aware of limited, targeted attacks. This issue allows remote code execution if users visit a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an… Read more

Security Advisory 2755801 revised to address Adobe Flash Player issues (Feb. 26, 2013)

Today we revised Security Advisory 2755801 to address issues in Adobe Flash Player in Internet Explorer 10 on Windows 8. This advisory revision was released in conjunction with Adobe’s update process. Customers who have automatic updates enabled will not need to take any action because protections will be downloaded and installed automatically.  Customers who do… Read more

Exploitability Index Improvements Now Offer Additional Guidance

Exploitability Index Improvements Now Offer Additional Guidance In October of 2008, Microsoft published its first Exploitability Index: a rating system that helps customers identify the likelihood that a specific vulnerability would be exploited within the first 30 days after bulletin release. As of this month, we are making some changes to the rating system to… Read more

Security Advisory 981374 Released

Just an FYI on a security bulletin release by the MSRC: Today we released Security Advisory 981374 addressing a publicly disclosed vulnerability in Internet Explorer 6 and Internet Explorer 7. Internet Explorer 8 is not affected by this issue. Customers using Internet Explorer 6 or 7 should upgrade to Internet Explorer 8 immediately to benefit… Read more

The MS10-015 security update has been re-released with new detection logic

The MSRC folks say that they have revised the installation packages for MS10-015 with new logic that prevents the security update from being installed on systems if certain abnormal conditions exist. Such conditions could be the result of an infection with a computer virus such as the Alureon rootkit. If these conditions are detected, the… Read more

Security Advisory 981169 has been released

Just an FYI that yesterday the MSRC released Security Advisory 981169 to address the VBScript issue involving Windows Help files that they blogged about Sunday. To reiterate what they said in that post, they are not aware of any active attacks at this time and the following operating systems are not affected by this issue:… Read more

The February 2010 Security Bulletin Webcast is now available

As the MSRC does every month following the public webcast, they posted the questions and answers (that you can find here) and the recorded webcast below. This month there were no particular themes that emerged in the questions. They ranged from wanting clarification of what it means when we say something is “public” to questions… Read more

The February 2010 Security Bulletin Release

Just an FYI that today we are releasing 13 bulletins addressing 26 vulnerabilities. 11 bulletins affect Windows and 2 affect older versions of Microsoft Office. With the release of the bulletins for February 2010, this bulletin summary replaces the bulletin advance notification originally issued February 4, 2010. For more information about the bulletin advance notification… Read more

February 2010 Bulletin Release Advance Notification

Looks like the folks at the MSRC just released the February bulletin information through our Advance Notification Service (ANS). This month we’ll be releasing 13 bulletins: Five rated Critical, seven rated Important, and one rated Moderate – addressing 26 vulnerabilities in all. For all the details check out their post on this at J.C…. Read more

Security Advisory 980088 was released today

Microsoft is investigating a publicly reported vulnerability in Internet Explorer for customers running Windows XP or who have disabled Internet Explorer Protected Mode. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue. Our investigation so far has shown that if a user is… Read more