News from MAPP, and Advance Notification Service for the December 2011 Bulletin Release

Hello all. Before we look at next week’s bulletin release, we’d like to point out an update to our Microsoft Active Protections Program (MAPP) that should provide customers with greater transparency as to how MAPP partners use the information we share with them when we release security advisories.

As you know, we work closely with our MAPP partners to share information on issues as they arise, thus extending protections to the greatest possible number of computers on the Internet. As of our most recent Security Advisory, we’ve started a new process of listing the partners who have confirmed that they released protection within 96 hours after the advisory release on a special Web page.   Naturally not every Advisory applies to every partner, so we do not expect them all to report protections in place for every individual Advisory.   

Meanwhile, in a minor procedural note, those of you who prefer to print out the bulletins and have missed that functionality in recent months will be pleased to hear it’s back. Look for the small grey printer icon at the upper right corner of the bulletin.

Today we’re releasing our advance notification for the December security bulletin release, which is scheduled for Tuesday, December 13. This month’s release comprises 14 bulletins addressing 20 vulnerabilities in Microsoft Windows, Office, Internet Explorer, Microsoft Publisher, and Windows Media Player. All 14 bulletins will be released on Tuesday, December 13 at around 10 a.m. PST. Revisit this blog on Tuesday for our official risk and impact analysis, along with deployment guidance and a video overview of the release. We’ll also be looking at some interesting trends in bulletin releases over the course of 2011, with insight on those from MSRC Senior Director Mike Reavey.

As always, we recommend that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible.

Please join Jonathan Ness and Jerry Bryant for our public webcast on Wednesday. They’ll go into detail about the bulletins and answer questions live on the air. Register at the link below:

Date: Wednesday, December 14
Time: 11:00 a.m. PST (UTC –8)


Angela Gunn
Trustworthy Computing.

Follow us on Twitter: @MSFTSecResponse