Skip to main content
MSRC

2007

November 2007 Advance Notification

Thursday, November 08, 2007

Hello, I wanted to let you know that we just posted our Advance Notification for next week’s bulletin release which will occur on Tuesday, November 13th, 2007 at or around 10 a.m. Pacific Time. It is important to remember that while the information posted below is intended to help with your planning, because it is preliminary information, it is subject to change.

MSRC Blog: Security Advisory (944653)

Monday, November 05, 2007

Today, in cooperation with Macrovision, we issued an Advisory related to a vulnerability in the Macrovision SECDRV.SYS Driver that is included with Windows XP and Windows 2003. Equally important, Macrovision also released an Advisory for this issue, which includes a security update. We recommend that customers review the Macrovision advisory before applying it.

MSRC Blog: October 25th Update To Security Advisory 943521

Thursday, October 25, 2007

Hi everyone, Bill Sisk here. This week we became aware of publicly disclosed exploit code being used in limited attacks on customers. This change in the threat landscape has prompted us to update last week’s Security Advisory 943521 and triggered our Software Security Incident Response Plan (SSIRP). Third party applications are currently being used as the vector for attack and customers who have applied the security updates available from these vendors are currently protected.

MSRC Blog: Additional Details and Background on Security Advisory 943521

Wednesday, October 10, 2007

Hi everyone. This is Jonathan from the SWI team in the MSRC. We’ve just released Security Advisory 943521 regarding a vulnerability affecting Windows Server 2003 and Windows XP with Internet Explorer 7 installed. As you have probably noted there’s been a fair amount of discussion on this issue. One of the reasons we are releasing this Advisory is due to increased risk given recent discussions about how this vulnerability could be used in attacks.