risk assessment

Hello, Today we’re releasing our advance notification for the April security bulletin release, which is scheduled for Tuesday, April 10. This month’s release includes 6 bulletins addressing 11 vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, Forefront UAG...

Severity Rating: Important Revision Note: V1.0 (March 13, 2012): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Expression Design. The vulnerability could allow remote code execution if a user opens a legitimate...

Hello. Today we’re releasing our advance notification for the March security bulletin release, which is scheduled for Tuesday, March 13. This month’s release includes six bulletins addressing seven vulnerabilities in Microsoft Windows, Visual Studio, and Expression Design. As always...

Hello. As I previously mentioned in the Advance Notification Service blog post on Thursday, today we are releasing seven security bulletins, one of which is rated Critical in severity, with the remaining six classified as Important. These bulletins will address eight vulnerabilities in Microsoft...

Hello. Today we’re releasing our advance notification for the January security bulletin release, which is scheduled for Tuesday, January 10. This month’s release includes seven bulletins addressing eight vulnerabilities in Microsoft Windows and Microsoft Developer Tools And Software...

Revision Note: V1.0 (September 26, 2011): Advisory published. Summary: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0 and TLS 1.0, affecting the Windows operating system. This vulnerability affects the...

Hello all. It has been very nearly a week since our Link Removed due to 404 Error at Black Hat. Now that everyone’s had some time to digest the basics, we’ve asked Senior Security Strategist and chief BlueHat Prize architect Katie Moussouris to stop by the Trustworthy Computing...

Hello all. Before we look at next week’s bulletin release, we’d like to recommend – for those of you who missed it in the run-up to this year’s Black Hat conference – the Link Removed due to 404 Error. Every year around this time, we look back at the progress our...

Does using Facebook put you at more risk elsewhere on the internet? | Naked Security

Hello all -- Over the years we’ve often talked about exploit mitigations – DEP, ASLR, SEHOP and so forth – as effective tools for improving computer security, reducing risk, preventing attacks, and minimizing operational disruption. Today we’re releasing a user’s...

Before we get into this month’s release, we wanted to alert you to updates to a document that’s been central to much of how Microsoft thinks about security. Ten years ago, Microsoft penned the “Ten Immutable Laws of Security,” which debuted on TechNet. It was written...

Hello everyone, Today we are announcing changes to Microsoft’s Link Removed Since October 2008, we have used the Exploitability Index to provide customers with valuable exploitability analysis for our security bulletins, and starting Tuesday this information will become even more...

Exploitability Index Improvements Now Offer Additional Guidance In October of 2008, Microsoft published its first Link Removed a rating system that helps customers identify the likelihood that a specific vulnerability would be exploited within the first 30 days after bulletin release. As of...

Hello everyone, My name is Pete Voss, and I'm a senior response communications manager with Microsoft Trustworthy Computing. I'll be joining the rest of the team on the MSRC blog and Link Removed Twitter handle to help provide you with the latest information and guidance for Microsoft...

Scientists of earth, sea and sky, scholars of law, politics and philosophy: In three intense days cloistered behind Chicheley Hall's old brick walls, four dozen thinkers pondered the planet's fate as it grows warmer, weighed the idea of reflecting the sun to cool the atmosphere and debated the...

December 10, 2010 Weird News: Bad lung beats none at all Britain’s National Health Service acknowledged in November that, because of a shortage of healthy lungs and other organs available for transplant, it was offering those on waiting lists the option of receiving them from former...

Hello all. As part of our usual cycle of monthly updates, todayMicrosoft is releasing three security bulletins, addressing 11 vulnerabilities.One of the bulletins has a Critical severity rating, while the other two arerated Important. Recapping the trio: Link Removed due to 404 Error This...

Severity Rating: Important - Revision Note: V1.0 (October 12, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. All...

Severity Rating: Critical - Revision Note: V1.0 (August 10, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft MPEG Layer-3 audio codecs. The vulnerability could allow remote code execution if a user opens a specially crafted media...