Tuesday, September 19, 2006
Morning, Scott here from the MSRC Operations team again, I wanted to let everyone know that we have just posted Microsoft Security Advisory (925568). You can read more in the advisory, but after working with the folks from the X-Force team at ISS, we confirmed new public reports of a vulnerability in the Microsoft Windows implementation of Vector Markup Language (VML).
Friday, September 15, 2006
Hey everyone this is Adrian Stone and I wanted to let you know about a very limited issue that some Windows 2000 customers are experiencing after the installation of MS06-049. We just became aware of this issue due to customer reports earlier this week, and have been verifying the reports and understanding the root cause of the issue for the past two days.
Friday, September 15, 2006
Hello, This is Christopher Budd. Very quickly, I wanted to let you know that we’ve just posted Microsoft Security Advisory (925444). This Advisory talks about how we are also aware of proof of concept code published publicly affecting Microsoft DirectAnimation Path ActiveX control, which is included in Daxctle.ocx. This vulnerability may allow an attacker to execute code on a user’s machine by convincing them to visit a malicious website using Internet Explorer.
Tuesday, September 12, 2006
Hello, This is Christopher Budd. I wanted to take a moment to let you know that we’ve posted our security bulletins for September 2006. Specifically, this month, we’re releasing: MS06-052 applies to Microsoft Windows and is rated Important MS06-053 applies to Microsoft Windows and is rated as Moderate MS06-054 applies to Microsoft Office and is rated as Critical for earlier versions and Important for more recent versions.
Thursday, September 07, 2006
Hello, This is Christopher Budd. I wanted to go ahead and let people know that we’ve posted our Advance Notificationfor September 2006 Microsoft Monthly Security Bulletin Release. Next Tuesday, on September 12, 2006 at approximately 10:00 am PT we are slated to release three new security bulletins: • Two Microsoft Security Bulletins affecting Microsoft Windows.
Thursday, August 24, 2006
Hey folks - Mike Reavey here, I wanted to follow up on our Security Advisorywe released on Tuesday about the re-release of MS06-042for IE 6.0 SP1 customers. We’ve resolved the issues that delayed the re-release and have released the revised update. The revised update fully resolves the security vulnerability we discussed in the Advisory.
Wednesday, August 23, 2006
Hi, Scott here from the MSRC operations team. I just wanted to drop a few lines to clarify the recent buzz/ activity on a PowerPoint zero day that occured over the weekend. Our investigation has proven thus far that customers who are up to date with Office security updates are NOT affected.
Tuesday, August 22, 2006
Hi everyone, Stephen Toulouse here. We wanted to provide you with information about the MS06-042 re-release that was scheduled to occur today. As posted on August 15th, we noted we would be re-releasing MS06-042 today to address a crashing issue that could occur if you are using HTTP 1.1 in combination with Internet Explorer 6.
Tuesday, August 15, 2006
Hey folks - Mike Reavey here, we’ve made an update to MS06-042 to let customers know of an issue they might see after applying the update to Internet Explorer 6 Service Pack 1 systems. The issue is limited to IE6SP1 only, and then only when visiting a website that use HTTP 1.
Monday, August 14, 2006
So I am back to give what I hope is the last update on the recent MS06-040 exploit. By the way, this is Adrian Stone again. As many of you know from the recent posts, and recent Advisory publication we have been working all weekend to stay on top of the Win32/Graweg issue so I thought it would be a good idea to update you with the current status as various enterprises and organizations around the world have come online.
