trustworthy

With all the malware that likes to hitch-hike onto a download of software, how do I know which source is trustworthy?

Severity Rating: Important Revision Note: V1.0 (December 10, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in ASP.NET SignalR. The vulnerability could allow elevation of privilege if an attacker reflects specially crafted JavaScript back to...

Link Removed, Link Removed Today we released a new update to replace KB2823324, which was originally made available through MS13-036. As we previously discussed, we stopped distributing this update when we learned some customers were having issues. The new update, KB2840149, still addresses the...

Today we’re publishing the Link Removed. During the webcast, we fielded 10 questions covering all updates. All questions are included on the Q&A page. We invite our customers to join us for the next scheduled webcast on Wednesday, August 14th at 11 a.m. PT (UTC -8), when we will go into...

Today we’re providing advance notification for the release of seven bulletins, six Critical and one Important, for July 2013. The Critical bulletins address vulnerabilities in Microsoft Windows, .NET Framework, Silverlight, Internet Explorer and GDI+. Also scheduled for inclusion among...

Today, we released MS13-008 to address the issue described in Security Advisory 2794220. We’ve seen only a limited number of attacks through an issue in Internet Explorer 6-8, but the potential exists that more customers could be affected. The majority of customers have automatic updates...

Hello, Today we released Security Advisory 2798897 to notify customers that we are aware of active attacks using a fraudulent digital certificate issued by TURKTRUST Inc. To help protect customers, we have updated the Certificate Trust List (CTL) to remove the trust of the certificates causing...

Hello, At Microsoft, our commitment is to help ensure customer trust in their computing experience. That was the impetus for Trustworthy Computing, and central to that is the priority we place on taking the necessary actions to help protect our customers. Yesterday, we issued Security Advisory...

During our investigation into the disclosure of confidential data shared with our Microsoft Active Protections Program (MAPP) partners, we determined that a member of the MAPP program, Hangzhou DPTech Technologies Co., Ltd., had breached our non-disclosure agreement (NDA). Microsoft takes...

Hello, Today we’re releasing our advance notification for the May security bulletin release, which is scheduled for Tuesday, May 8. This month’s release includes 7 bulletins addressing 23 vulnerabilities in Microsoft Windows, Office, Silverlight, and .NET Framework. All 7 bulletins...

Hello, Today we published the Link Removed due to 404 Error, and the Link Removed due to 404 Error presented in the webcast. We fielded 15 questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. We invite our customers to join...

Hello, Today we published the Link Removed due to 404 Error. During the webcast, we fielded twelve questions focusing on MS12-020 (aka “the RDP update”). Two additional questions for MS12-022 regarding Microsoft Expression Design were answered after the webcast. All questions are...

Hello, Today we published the Link Removed due to 404 Error. We fielded ten questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. Many of the questions centered on the .Net/Silverlight update Link Removed due to 404 Error. We...

Hello, Today we published Security Advisory 2659883 to provide a workaround to help protect ASP.NET customers from a publicly disclosed vulnerability that affects various Web platforms industry-wide. We are not aware of any attacks using this vulnerability, which affects all supported versions...

Hello, As we do each month, we're providing advance notification on the release of four security bulletins, one Critical, two Important, and one Moderate, to address four CVEs in Windows. As usual, the bulletin release is scheduled for the second Tuesday of the month, Nov. 8, at approximately 10...

Hello, Today we published the Link Removed due to 404 Error. We fielded eight questions across all bulletins. There was one question that we were unable to answer during the webcast due to time constraints, and we have included all questions and answers on the Q&A page. We invite our customers...

Hello, Today we published the Link Removed due to 404 Error. We fielded 15 questions primarily regarding the Diginotar Certificate compromise and the associated Security Advisory. There was one question that we were unable to answer during the webcast due to time constraints, and we have...

Hi everyone, Black Hat this year was really great. We spent a lot of time talking to people and getting new perspectives on the security landscape and of course, we announced the BlueHat Prize contest. The reaction to the contest was outstanding. In fact, within the first 24 hours, we had...

Hello all. Before we look at next week’s bulletin release, we’d like to recommend – for those of you who missed it in the run-up to this year’s Black Hat conference – the Link Removed due to 404 Error. Every year around this time, we look back at the progress our...

Hello, Today we published the Link Removed due to 404 Error. We fielded thirteen questions on various topics during the webcast, including bulletins released, deployment tools, and update detection tools. There were two questions during the webcast that we were unable to answer and we have...