Sunday, July 26, 2009
Handle: Cap’n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run Hey! It’s that time of year again for all of us to pack up and head out to the desert to reconnect, discuss, and plan for the future, or at least what we think will be the future of security.
Monday, July 13, 2009
Hi Everyone, This is Dave Forstrom, group manager for our security response communications team. We have just posted Microsoft Security Advisory 973472, which highlights a vulnerability in Microsoft Office Web Components. Specifically, the vulnerability exists in the Spreadsheet ActiveX control and while we’ve only seen limited attacks, if exploited successfully, an attacker could gain the same user rights as the local user.
Monday, July 06, 2009
I wanted to let you know that we have just posted Microsoft Security Advisory 972890 that discusses new, limited attacks against a Microsoft Video ActiveX Control affecting Windows XP and Windows Server 2003. Specifically, we’re aware of a code execution vulnerability within this control that can enable an attacker to run code as the logged-on user if they browse to a malicious site.
Wednesday, March 11, 2009
As the newest member to the EcoStrat Team, I guess I will start with the basics. I am Adrian Stone. I have now been in the Microsoft Security Response Center (MSRC) almost four years. My current job you ask? I work to make sense of the random and controlled chaos that is the MSRC.
Tuesday, February 10, 2009
Sveika! Hey Steve here, been a while since I posted on the EcoStrat blog. With all the security events that happened during the latter half of 2008, I have been very focused on working with the security update releases and Microsoft Active Protections Program (MAPP). Handle: Cap’n Steve IRL: Steve Adegbite
Monday, February 02, 2009
Microsoft has been talking about community-based defense for some time now. This week, I want to provide a personal dimension to the campaign, and give an update on recent activities. Curiously, as I started to write this post, a couple of phrases popped up, which despite being somewhat trite, seemed appropriate – “change is constant” and “the more things change the more they stay the same.
Wednesday, November 12, 2008
Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns Hey folks – We’ve just released the November Security Bulletins and that also marks the one-month point after the release of the initial Exploitability Index in October.
Thursday, October 23, 2008
Handle: Cap’n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run You’ve probably heard that we released an out-of-band Security Bulletin for a vulnerability in Windows (MS08-067).
Tuesday, October 14, 2008
Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns It’s October! And for those who remember Black Hat 2008 in Las Vegas, this means the programs we announced have launched.
Friday, August 08, 2008
Handle: The Crushman IRL: Andrew Cushman Rank: Security Director Likes: Cranberry juice (thanks Jay!) Dislikes: Super helpful hotel desk clerks (thanks Raoul?) What can I say? Once again, Black Hat did not disappoint. And that’s not just post-party speak. The conversations were good, the input was invaluable, and the support for the new programs we launched—well, it’s been overwhelming.
