Today, we released Link Removed to provide guidance to customers in response to the SSL/TLS issue referred to by researchers as “FREAK” (Factoring attack on RSA-EXPORT Keys).
Our investigation continues and we’ll take the necessary steps to protect our customers.
MSRC Team
Continue reading...
Today, as part of Update Tuesday, we released nine security bulletins – three rated Critical and six rated Important in severity, to address 56 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server software.
We...
advisory
bulletins
change
critical
cve
exploitability index
february 2015
important
internet explorer
microsoft office
microsoft server
microsoft windows
msrc
re-released
remote code execution
response center
security
ssl
updates
vulnerabilities
Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows, Internet Explorer (IE), Office and Exchange.
We encourage you to apply all of...
adobe flash
common vulnerabilities
critical updates
cumulative update
december 2014
exchange server
exploit index
important updates
internet explorer
microsoft bulletin
microsoft office
msrc
patch tuesday
remote code execution
security
security advisory
security bulletin
technet
updates
vulnerability
Today we provide advance notification for the release of five bulletins for March 2014, two rated Critical and thee rated Important in severity. These updates address issues in Microsoft Windows, Internet Explorer and Silverlight.
The update provided in MS14-012 fully addresses the issue first...
advisory
bulletin
critical
deployment
impact
important
internet explorer
march 2014
msrc
risk
security
silverlight
testing
trustworthy computing
update
windows
Today we provide advance notification for the release of four bulletins for January 2014. All bulletins this month are rated Important in severity and address vulnerabilities in Microsoft Windows, Office, and Dynamics AX. The update provided in MS14-002 fully addresses the issue first described...
ans
bulletin
deployment
dynamics ax
exploit
guidance
impact
january 2014
microsoft
msrc
office
pst
risk
security
server 2003
update
vulnerabilities
windows
windows xp
By way of introduction, I am Chris Betz, the leader of the Microsoft Security Response Center (MSRC). I’m stepping in to fill the shoes of Mike Reavey, who has moved on to become the General Manager of Secure Operations, still within Trustworthy Computing.
Since joining the MSRC, I’ve spent...
bounty program
chris betz
customer concerns
cyber-attacks
enterprise security
global team
it professionals
microsoft
microsoft security
msrc
professional dedication
progress report
response
security
security research
technology evolution
trustworthy computing
update tuesdays
vulnerability
By way of introduction, I am Chris Betz, the leader of the Microsoft Security Response Center (MSRC). I’m stepping in to fill the shoes of Mike Reavey, who has moved on to become the General Manager of Secure Operations, still within Trustworthy Computing.
Since joining the MSRC, I’ve spent...
bounty program
chris betz
customer protection
cyber attacks
dedication
enterprise security
global team
information security
it professionals
microsoft
msrc
progress report
response
security
security incident
security research
technology
trustworthy computing
update tuesdays
vulnerability
Today we’re providing advance notification for the release of seven bulletins, six Critical and one Important, for July 2013. The Critical bulletins address vulnerabilities in Microsoft Windows, .NET Framework, Silverlight, Internet Explorer and GDI+. Also scheduled for inclusion among...
analysis
bulletin
communications
critical
deployment
framework
gdi+
internet explorer
july
kernel-mode
microsoft
msrc
pdt
security
silverlight
testing
trustworthy
update
vulnerabilities
windows
Today, we are releasing 10 bulletins, addressing 33 vulnerabilities in Microsoft products. Before we get into the details, we wanted to first let our enterprise customers know about a change in how we’re communicating technical details within our security advisories. Starting today...
advisories
bulletins
cumulative
customer protections
denial of service
deployment
emergency patch
exploitability
internet explorer
knowledge base
microsoft
msrc
risk management
security
technical support
trustworthy computing
updates
vulnerabilities
webcast
windows
In celebration of spring’s onset, today we’re providing advance notification for the April 2013 release of nine bulletins; two Critical and seven Important. The Critical bulletins address vulnerabilities in Microsoft Windows and Internet Explorer, and the seven Important-rated...
antimalware
april 2013
bulletin
critical
deployment
impact analysis
important
internet explorer
microsoft
msrc
notification
office
risk analysis
security
server software
testing
trustworthy computing
updates
vulnerabilities
windows
We’re kicking off the February 2013 Security Bulletin Release with Advance Notification of 12 bulletins for release Tuesday, February 12. This release brings five Critical and seven Important-class bulletins, which address 57 unique vulnerabilities. The Critical-rated bulletins address...
bulletins
communications
critical issues
deployment
exchange
february
important issues
internet explorer
microsoft
msrc
net framework
notification
office
risk analysis
security
server software
trustworthy computing
update
vulnerabilities
windows
Today, we are providing Advance Notification to customers that at approximately 10 a.m. PST on Monday, January 14, 2013, we will release an out-of-band security update to fully address the issue described in Security Advisory 2794220. While we have still seen only a limited number of customers...
advisory
automatic updates
bug fixes
critical
customer advisory
cve-2012-4792
dustin childs
internet explorer
live webcast
msrc
notification
pst time
security
support
tech news
trustworthy computing
update
vulnerability
web registration
windows update
On behalf of all of us here at Microsoft, I’d like to wish everyone a very happy New Year!
With 2013 starting on a Tuesday, our monthly bulletin release is upon us a bit earlier than usual. Next Tuesday we’ll release seven bulletins; two Critical and five Important, which address...
bulletin
critical updates
deployment
guidance
impact analysis
important updates
january 2013
microsoft
msrc
net framework
news
office
risk analysis
security
server software
testing
trustworthy computing
update process
vulnerabilities
windows
Today, we’re providing advance notification for six bulletins to help protect customers against 19 CVEs. The four Critical-rated updates will address 13 vulnerabilities in Microsoft Windows, Internet Explorer and the .NET Framework. One bulletin rated Important will address four...
advance notification
bulletin
critical
cve
deployment
important
internet explorer
microsoft
microsoft trustworthy computing
moderate
msrc
net framework
november
office
patch management
security
testing
update
vulnerabilities
windows
Today we’re providing advance notification of the release of seven bulletins, one Critical and six Important, for October 2012. The Critical bulletin addresses vulnerabilities in Microsoft Word. The six Important-rated bulletins will address issues in Windows, Microsoft Office, and SQL...
advisory
bulletin
critical
fast search server
important
manual deployment
microsoft
msrc
notifications
october
office
release date
rsa keys
security
sql server
trustworthy computing
update
vulnerabilities
windows
Today, we published Security Advisory 2743314, which provides guidance that will help protect customers from a technique that could allow a man-in-the middle attack to obtain a user’s domain credentials when VPN is configured to use PPTP and MSCHAPv2.
Customers concerned with this...
Today we're providing advanced notification on the release of nine bulletins, five Critical and four Important, for August 2012. The five Critical security bulletins are addressing ten vulnerabilities in Microsoft Windows, Internet Explorer, Exchange, SQL Server, Server Software, and Developer...
advisory
august 2012
bulletins
critical
developer tools
exchange
important
internet explorer
microsoft office
msrc
notifications
pdt
releases
security
sql server
trustworthy computing
updates
vulnerabilities
windows
Ever wondered where Update Tuesday bulletins come from, or what it’s like around Microsoft when a serious information-security situation arises? Or wondered who precisely is responsible for getting your monthly bulletin releases out the door?
Update Tuesday, which brings us here today, is...
bulletins
c runtime
collaboration
cumulative update
deployment
ecosystem
exploitability
february 2012
incident response
internet explorer
microsoft
msrc
remote code execution
research
security
technet
trustworthy computing
update
vulnerabilities
webcast
Hosts: Jonathan Ness, Security Development Manager, MSRC
Jerry Bryant, Group Manager, Trustworthy Computing Communications
Website: TechNet/Security
Chat Topic: December 2011 Security Bulletin Release
Date: Wednesday, December 14...
Hello,
As we do each month, we're providing advance notification on the release of four security bulletins, one Critical, two Important, and one Moderate, to address four CVEs in Windows.
As usual, the bulletin release is scheduled for the second Tuesday of the month, Nov. 8, at approximately 10...
advance
bulletins
communications
computing
critical
cve
important
microsoft
moderate
msrc
notification
november 2011
pete voss
release
response
security
trustworthy
twitter
update
windows