Security Bulletins

Advance Notification Service for the January 2013 Security Bulletin Release

On behalf of all of us here at Microsoft, I’d like to wish everyone a very happy New Year! With 2013 starting on a Tuesday, our monthly bulletin release is upon us a bit earlier than usual. Next Tuesday we’ll release seven bulletins; two Critical and five Important, which address 12 vulnerabilities. The Critical-rated bulletins …

Advance Notification Service for the January 2013 Security Bulletin Release Read More »

December 2012 Security Bulletin Webcast, Q&A, and Slide Deck

Hello, Today we’re publishing the December 2012 Security Bulletin Webcast Questions & Answers page. During the webcast, we fielded five questions focusing primarily on Microsoft Word and the Office compatibility pack in MS12-079. All questions are included on the Q&A page. We invite our customers to join us for the next public webcast on Wednesday, …

December 2012 Security Bulletin Webcast, Q&A, and Slide Deck Read More »

September 2012 Out-of-Band Security Bulletin Webcast, Q&A, and Slide Deck

Hello. Today we’re publishing the September 2012 Security Bulletin Out-of-Band Webcast Questions & Answers page. During the webcast, we fielded 19 questions. Those were focused on MS12-063, the out-of-band cumulative release for Internet Explorer, and Security Advisory 2755801, which involves an issue with the Adobe Flash Player implementation for Internet Explorer 10. All questions are …

September 2012 Out-of-Band Security Bulletin Webcast, Q&A, and Slide Deck Read More »

Update Tuesday overview for September 2012

As I previously mentioned in the Advance Notification blog on Thursday, today we are releasing two security bulletins, both of which are rated Important. These bulletins will increase protection by addressing two unique vulnerabilities in the following Microsoft products: MS12-061 (Visual Studio Team Foundation Server) This security update resolves a privately reported vulnerability in Visual …

Update Tuesday overview for September 2012 Read More »

August 2012 Security Bulletin Webcast, Q&A, and Slide Deck

Hello. Today we’re publishing the August 2012 Security Bulletin Webcast Questions & Answers page. During the webcast, we fielded twelve questions focusing primarily on MS12-060 covering Windows Common Controls,  MS12-052 regarding Internet Explorer, and Security Advisory 2661254 addressing trust certificates with RSA keys less than 1024 bit key lengths. Three additional questions were answered after …

August 2012 Security Bulletin Webcast, Q&A, and Slide Deck Read More »

Microsoft security updates and the Common Vulnerability Reporting Framework

As a part of the Industry Consortium for Advancement of Security on the Internet (ICASI), Microsoft is pleased to present an initial set of monthly security updates – originally released on May 8 – in the consortium’s newly established Common Vulnerability Reporting Framework (CVRF) format, for your examination and feedback. Today, ICASI released version 1.1 …

Microsoft security updates and the Common Vulnerability Reporting Framework Read More »

Bulletin Management Process and the May 2012 Bulletins

Hello, Have you ever wondered why bulletins group particular issues together? Or one set of products and not another? Well today Jonathan Ness has posted an insightful Security Research & Defense (SRD) blog discussing some of the nuances and packaging decisions that went into MS12-034. This is a particularly interesting case to dive into and …

Bulletin Management Process and the May 2012 Bulletins Read More »

April 2012 Security Bulletin Webcast and Q&A

Hello, Today we published the April Security Bulletin Webcast Questions & Answers page, and the slide deck presented in the webcast. We fielded 15 questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. We invite our customers to join us for the next public webcast on Wednesday, May 9 …

April 2012 Security Bulletin Webcast and Q&A Read More »