Two weeks ago I, along with 7,500 of my closest friends, attended the Black Hat security conference in Las Vegas, NV. I can’t speak for everyone, but I certainly had a great – if not exhausting – time while there. While there were a lot of great talks, a personal highlight for me each year is...
application compatibility
august 2013
black hat
bluehat
bulletin
challenges
critical updates
deploymentpriority
internet explorer
mapp
md5 hashing
microsoft
nla technology
remote code execution
security
trustworthy computing
updates
vulnerabilities
webcast
windows
It was just over one year ago, May 28, 2012, to be exact, that I transitioned from running active MSRC cases and writing bulletins to my current role managing software security incidents. A lot has changed in that year - and I’ve dealt with some interesting issues during my tenure - but...
certificate trust
cryptography
cumulative updates
customer protection
deploymentpriority
digital certificates
internet explorer
june 2013
microsoft office
pki
remote code execution
security
security advisories
software security
trustworthy computing
update management
vulnerabilities
windows 7
windows updates
windows vista
As previously mentioned in the Advance Notification blog on Thursday, today we’re releasing seven bulletins, one Critical-class and six Important-class bulletins. Before we discuss those releases, let’s take a closer look at the Security Advisories we also released today.
Security...
1024-bit
automatic updates
compatibility issues
critical update
deploymentpriority
infopath
lync
microsoft office
microsoft windows
microsoft works
ms12-064
ms12-067
october updates
remote code execution
risk assessment
security advisory
security bulletins
security updates
sharepoint
sql server
Security Advisory 2661254 - Update For Minimum Certificate Key Length
Before we get into the details of this month’s bulletin release, let’s take a look at an important change on how Windows deals with certificates that have RSA keys of less than 1024 bits in length.
We’ve been...
august 2012
certificate
critical updates
cumulative updates
denial of service
deploymentpriority
enterprise administrators
internet explorer
microsoft office
public key infrastructure
remote code execution
rsa keys
security advisory
security bulletins
security updates
sql server
vulnerabilities
windows networking
windows update
xml core services
Hello all --
Over the years we’ve often talked about exploit mitigations – DEP, ASLR, SEHOP and so forth – as effective tools for improving computer security, reducing risk, preventing attacks, and minimizing operational disruption. Today we’re releasing a user’s...
aslr
automatic update
bluetooth
client server
critical update
dep
deploymentpriority
exploit mitigations
it professionals
operational disruption
risk assessment
runtime subsystem
security bulletin
sehop
technical webcast
vulnerabilities
white paper
windows
windows 7
windows vista
Hello all. As part of our usual cycle of monthly updates, todayMicrosoft is releasing three security bulletins, addressing 11 vulnerabilities.One of the bulletins has a Critical severity rating, while the other two arerated Important. Recapping the trio:
Link Removed due to 404 Error This...