June 7, 2012 - Hello -- Today we’re releasing our advance notification for the June security bulletin release, which is scheduled for Tuesday, June 12. This month’s release includes 7 bulletins addressing 25 vulnerabilities in Microsoft Windows, Internet Explorer, Visual Basic for Applications, Dynamics (continue reading...) Read more
June 7, 2012 - It’s a New Day – In this month’s review of cyber security happenings, I’ve taken a departure from the regular flow of things. The last week or so has generated some pretty interesting news headlines and to offer you insight (continue reading...) Read more
June 6, 2012 - Microsoft has now gone public with additional information about the certificate forgery in the Flame malware. The attackers used an MD5 collision. Learn more about hash collisions, and how to avoid them in your own IT environment. (continue reading...) Read more
June 6, 2012 - On Sunday Microsoft published security advisory 2718074 closing a loophole used by the Flame malware enabling it to masquerade as a piece of software signed by Microsoft. Software signed by (continue reading...) Read more
June 6, 2012 - Today, as a part of our continuing phased mitigation strategy recently discussed, we have initiated the additional hardening of Windows Update. We’ve also provided more information about the MD5 hash-collision attacks used by the Flame malware in the (continue reading...) Read more
June 4, 2012 - Hello, At Microsoft, our commitment is to help ensure customer trust in their computing experience. That was the impetus for Trustworthy Computing, and central to that is the priority we place on taking the necessary actions to help protect our customers. Yesterday, (continue reading...) Read more
June 4, 2012 - Microsoft has released an emergency update for Windows, revoking digital certificates that could be used to impersonate the Windows Update security service. The Flame malware exploited flaws related to this vulnerability realizing concerns that Windows Update might be compromised to (continue reading...) Read more
June 3, 2012 - Hello, We recently became aware of a complex piece of targeted malware known as “Flame” and immediately began examining the issue. As many reports assert, Flame has been used in highly sophisticated and targeted attacks and, as a result, the vast (continue reading...) Read more
May 17, 2012 - As a part of the Industry Consortium for Advancement of Security on the Internet (ICASI), Microsoft is pleased to present an initial set of monthly security updates – originally released on May 8 – in the consortium’s newly established Common (continue reading...) Read more
May 16, 2012 - With 50% of IT endpoint operating costs now attributable to malware, is reliance on antivirus as the keystone endpoint security measure the best approach? Instinct tells us no but to be sure, Lumension recently did a comparative analysis on the (continue reading...) Read more
May 11, 2012 - Hello, Today we published the May Security Bulletin Webcast Questions & Answers page, and the May 2012 Security Bulletin Release Webcast slide deck. During the webcast, we fielded 8 questions on various topics, including bulletins released, deployment tools, (continue reading...) Read more
May 9, 2012 - Think that Patch Tuesday is irrelevant to if you don't run Windows? Think again. Mac users advised to update their installations of Microsoft Office. Read more
May 9, 2012 - Multiple vulnerabilities in Adobe and Microsoft products revealed - make sure that your computers are properly patched. Read more
May 8, 2012 - The disruptive restarts and the wide range of platforms impacted by May’s bulletins will have IT teams scrambling to accomplish their flaw remediation tasks this month. Combine those with the workload from Oracle and others and many security pros may (continue reading...) Read more
May 8, 2012 - Hello, Have you ever wondered why bulletins group particular issues together? Or one set of products and not another? Well today Jonathan Ness has posted an insightful Security Research & Defense (SRD) blog discussing some of the nuances and packaging (continue reading...) Read more
May 8, 2012 - This month, Microsoft released seven bulletins, three critical and four important, that addressed a total of 23 vulnerabilities. MS12-029 is the bulletin that should be highest on the list for (continue reading...) Read more
May 3, 2012 - Today, Microsoft released its Advanced Notification for May which contains seven bulletins fixing a total of 23 vulnerabilities. Three of the bulletins are critical, and four are rated important. The bulletins (continue reading...) Read more
May 3, 2012 - During our investigation into the disclosure of confidential data shared with our Microsoft Active Protections Program (MAPP) partners, we determined that a member of the MAPP program, Hangzhou DPTech Technologies Co., Ltd., had breached our non-disclosure agreement (NDA). Microsoft takes (continue reading...) Read more
May 3, 2012 - Hello, Today we’re releasing our advance notification for the May security bulletin release, which is scheduled for Tuesday, May 8. This month’s release includes 7 bulletins addressing 23 vulnerabilities in Microsoft Windows, Office, Silverlight, and .NET Framework. All 7 bulletins (continue reading...) Read more
May 3, 2012 - Skype learned about a security hole that reveals users' IP addresses about 18 months ago, according to the security researchers who discovered the vulnerability. Read more