security

Q&A from the September 2011 Security Bulletin Webcast

Hello, Today we published the September Security Bulletin Webcast Questions & Answers page. We fielded 15 questions primarily regarding the Diginotar Certificate compromise and the associated Security Advisory. There was one question that we were unable to answer during the webcast due to time constraints, and we have included all questions and answers on the …

Q&A from the September 2011 Security Bulletin Webcast Read More »

More on Microsoft’s response to the DigiNotar compromise

This blog post was updated Sept. 5, 2011 below. Microsoft’s investigation into the scope and impact of the DigiNotar compromise has continued over the holiday weekend. We’ve now confirmed that spoofed certificates for *.microsoft.com and *.windowsupdate.com are among those issued by the Dutch firm. Users of Vista and later operating systems have been protected since …

More on Microsoft’s response to the DigiNotar compromise Read More »

Q&A From the August 2011 Security Bulletin Webcast

Hello, Today we published the August Security Bulletin Webcast Questions & Answers page. We fielded six questions on various topics during the webcast, including bulletins released and the Malicious Software Removal Tool. There was one question that we were unable to answer during the webcast due to time constraints, and we have included all questions …

Q&A From the August 2011 Security Bulletin Webcast Read More »

June Advance Notification Service and 10 Immutable Laws Revisited

Before we get into this month’s release, we wanted to alert you to updates to a document that’s been central to much of how Microsoft thinks about security. Ten years ago, Microsoft penned the “Ten Immutable Laws of Security,” which debuted on TechNet. It was written before the rise of – among other technologies and …

June Advance Notification Service and 10 Immutable Laws Revisited Read More »

Q&A from May 2011 Security Bulletin Webcast

Hello, Today we published the May Security Bulletin Webcast Questions & Answers page. We fielded twelve questions on various topics during the webcast, including bulletins released and the Malicious Software Removal Tool.  There were two questions during the webcast that we were unable to answer and we have included those questions and answers on the …

Q&A from May 2011 Security Bulletin Webcast Read More »

Exploitability Index Improvements & Advance Notification Service for May 2011 Bulletin Release

Hello everyone, Today we are announcing changes to Microsoft’s Exploitability Index. Since October 2008, we have used the Exploitability Index to provide customers with valuable exploitability analysis for our security bulletins, and starting Tuesday this information will become even more comprehensive for those who use Microsoft’s latest platforms. The Exploitability Index assesses the likelihood of …

Exploitability Index Improvements & Advance Notification Service for May 2011 Bulletin Release Read More »

Exploitability Index Improvements Now Offer Additional Guidance

Exploitability Index Improvements Now Offer Additional Guidance In October of 2008, Microsoft published its first Exploitability Index: a rating system that helps customers identify the likelihood that a specific vulnerability would be exploited within the first 30 days after bulletin release. As of this month, we are making some changes to the rating system to …

Exploitability Index Improvements Now Offer Additional Guidance Read More »

Q&A from the March 2011 Security Bulletin Webcast

Hello, Today we published the March Security Bulletin Webcast Questions & Answers page. We fielded five questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools.  We invite our customers to join us for the next public webcast on Wednesday, April 13th at 11am PDT (-8 UTC), when we …

Q&A from the March 2011 Security Bulletin Webcast Read More »