trustworthy computing

Hello, As we do each month, we're providing advanced notification on the release of eight security bulletins, two Critical and six Important, to address 23 vulnerabilities across Internet Explorer, .NET Framework & Silverlight, Microsoft Windows, Microsoft Forefront UAG, and Microsoft Host...

Today, Microsoft re-released Link Removed non-security update for customers using Microsoft Windows XP and Windows Server 2003, which addresses an issue described in the “known issues” section of KB2616676. Customers who have enabled automatic updates are already protected and no...

Hello everyone, As we do each month, we're providing Link Removed due to 404 Error on the release of five Important security bulletins to help protect customers using Microsoft Windows and Office. As usual, the bulletin release is scheduled for the second Tuesday of the month, September 14, at...

Microsoft’s investigation into the scope and impact of the DigiNotar compromise has continued over the holiday weekend. We’ve now confirmed that spoofed certificates for *.microsoft.com and *.windowsupdate.com are among those issued by the Dutch firm. Users of Vista and later...

Hello all. It has been very nearly a week since our Link Removed due to 404 Error at Black Hat. Now that everyone’s had some time to digest the basics, we’ve asked Senior Security Strategist and chief BlueHat Prize architect Katie Moussouris to stop by the Trustworthy Computing...

Hello, Today we published the Link Removed due to 404 Error. We fielded twelve questions on various topics during the webcast, including bulletins released and the Malicious Software Removal Tool. There were two questions during the webcast that we were unable to answer and we have included...

Hello everyone, My name is Pete Voss, and I'm a senior response communications manager with Microsoft Trustworthy Computing. I'll be joining the rest of the team on the MSRC blog and Link Removed Twitter handle to help provide you with the latest information and guidance for Microsoft...

Hello - Today we're releasing Link Removed due to 404 Error, to address nine fraudulent digital certificates issued by Comodo Group Inc, a root certificate authority. Comodo has since revoked the digital certificates. This is not a Microsoft security vulnerability; however, one of the...

Hello, Today we published the Link Removed due to 404 Error. We fielded five questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. We invite our customers to join us for the next public webcast on Wednesday, April 13th at...

Hello, Today we published the Link Removed due to 404 Error. We fielded 17 questions, most concerning the Internet Explorer update and the re-releases of bulletins this month. We invite our customers to join us for the next public webcast on Wednesday, January 12 at 11am PST (-8 UTC), when we...

BH Landscape Next week, many of us here will be heading down to Las Vegas for Black Hat. The MSRC, and other teams in Microsoft, have been attending Black Hat for years. In fact, we've been sponsoring the show for the last eight years-the last five as a platinum sponsor. Some might ask why...

Two years ago, in front of a standing-room only crowd here at Black Hat, we introduced three new information sharing programs as well as the concept of Community-Based Defense. The underlying concept shared by all three programs was simple-collaboration will be key to preventing and defending...

Hello, As we announced yesterday, today we released Link Removed due to 404 Error out-of-band to address a vulnerability in ASP.NET. The bulletin and the blog by Scott Guthrie, corporate vice president of Microsoft's .NET Developer Platform are available for more information. This security...

Hello, Below you will find the webcast we conducted earlier this week as part of the Link Removed due to 404 Error Security Update which was released Out-of-Band. We have also published the questions and answers from that webcast and linked them Link Removed due to 404 Error. The response...

Hi everyone - We've updated Microsoft Security AdvisoryLink Removed due to 404 Error to include a step in the workaround requiring the blocking of requests that specify the application error path on the querystring. This can be done using URLScan, a free tool for Internet Information Services...

Hi everyone - We've just updated Link Removed due to 404 Error as we've begun to see limited attacks with the ASP.NET vulnerability. We have added questions and answers and encourage customers to review this information and evaluate it for their environment. We have also added additional...

Hello - Today we provided Link Removed due to 404 Error to customers that we will release an out-of-band security update to address the vulnerability discussed in Security Advisory Link Removed due to 404 Error. The update is scheduled for release tomorrow, Tuesday, September 28, 2010 at...

Hi everyone - Today we released out-of-band Link Removed due to 404 Errorthrough the remainder of our standard distribution channels, including Windows Update and Windows Server Update Services. We have completed our testing of these channels and confirmed the update can be successfully...

Windows 7 may be secure, but are Windows users safe? Windows 7 users got a nice surprise on Tuesday when Microsoft released its first set of security patches since unveiling the new operating system last month. Of the 15 bugs patched, none affected Windows 7. When Microsoft launched Windows...