trustworthy computing

Hello, Today we published the December 2011 Out-of-Band Security Bulletin Webcast Questions & Answers page. We fielded 41 questions on the subject of MS11-100 . There were four questions during the webcast that we were unable to answer and we have included those questions and answers on the...

Hello, Today we’re providing advance notification for an out-of-band security update to address the publicly disclosed issue described in Security Advisory 2659883. The release is scheduled for tomorrow, December 29, at approximately 10 a.m. PST. The bulletin has a severity rating of...

Hello all. Before we look at next week’s bulletin release, we’d like to point out an update to our Microsoft Active Protections Program (MAPP) that should provide customers with greater transparency as to how MAPP partners use the information we share with them when we release...

Hello, On this November Update Tuesday, we’re recapping the Link Removed, which Microsoft hosted in Redmond last week. We are also releasing four security updates, so please read on for details. Microsoft hosted its Link Removed of the BlueHat conference Nov. 2-4. The event featured...

Hello, On this October Update Tuesday, we are releasing the 11th volume of the Security Intelligence Report, Link Removed which puts zero-day vulnerabilities into context against other global threats. We are also releasing eight security updates so please read on for details. A new method of...

Hello, As we do each month, we're providing advanced notification on the release of eight security bulletins, two Critical and six Important, to address 23 vulnerabilities across Internet Explorer, .NET Framework & Silverlight, Microsoft Windows, Microsoft Forefront UAG, and Microsoft Host...

Today, Microsoft re-released Link Removed non-security update for customers using Microsoft Windows XP and Windows Server 2003, which addresses an issue described in the “known issues” section of KB2616676. Customers who have enabled automatic updates are already protected and no...

Hello everyone, As we do each month, we're providing Link Removed due to 404 Error on the release of five Important security bulletins to help protect customers using Microsoft Windows and Office. As usual, the bulletin release is scheduled for the second Tuesday of the month, September 14, at...

Microsoft’s investigation into the scope and impact of the DigiNotar compromise has continued over the holiday weekend. We’ve now confirmed that spoofed certificates for *.microsoft.com and *.windowsupdate.com are among those issued by the Dutch firm. Users of Vista and later...

Hello all. It has been very nearly a week since our Link Removed due to 404 Error at Black Hat. Now that everyone’s had some time to digest the basics, we’ve asked Senior Security Strategist and chief BlueHat Prize architect Katie Moussouris to stop by the Trustworthy Computing...

Hello, Today we published the Link Removed due to 404 Error. We fielded twelve questions on various topics during the webcast, including bulletins released and the Malicious Software Removal Tool. There were two questions during the webcast that we were unable to answer and we have included...

Hello everyone, My name is Pete Voss, and I'm a senior response communications manager with Microsoft Trustworthy Computing. I'll be joining the rest of the team on the MSRC blog and Link Removed Twitter handle to help provide you with the latest information and guidance for Microsoft...

Hello - Today we're releasing Link Removed due to 404 Error, to address nine fraudulent digital certificates issued by Comodo Group Inc, a root certificate authority. Comodo has since revoked the digital certificates. This is not a Microsoft security vulnerability; however, one of the...

Hello, Today we published the Link Removed due to 404 Error. We fielded five questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. We invite our customers to join us for the next public webcast on Wednesday, April 13th at...

Hello, Today we published the Link Removed due to 404 Error. We fielded 17 questions, most concerning the Internet Explorer update and the re-releases of bulletins this month. We invite our customers to join us for the next public webcast on Wednesday, January 12 at 11am PST (-8 UTC), when we...

BH Landscape Next week, many of us here will be heading down to Las Vegas for Black Hat. The MSRC, and other teams in Microsoft, have been attending Black Hat for years. In fact, we've been sponsoring the show for the last eight years-the last five as a platinum sponsor. Some might ask why...

Two years ago, in front of a standing-room only crowd here at Black Hat, we introduced three new information sharing programs as well as the concept of Community-Based Defense. The underlying concept shared by all three programs was simple-collaboration will be key to preventing and defending...

Hello, As we announced yesterday, today we released Link Removed due to 404 Error out-of-band to address a vulnerability in ASP.NET. The bulletin and the blog by Scott Guthrie, corporate vice president of Microsoft's .NET Developer Platform are available for more information. This security...

Hello, Below you will find the webcast we conducted earlier this week as part of the Link Removed due to 404 Error Security Update which was released Out-of-Band. We have also published the questions and answers from that webcast and linked them Link Removed due to 404 Error. The response...

Hi everyone - We've updated Microsoft Security AdvisoryLink Removed due to 404 Error to include a step in the workaround requiring the blocking of requests that specify the application error path on the querystring. This can be done using URLScan, a free tool for Internet Information Services...