June 2010 Security Bulletin Release
Hi everyone, Today, as part of our regular monthly security bulletin release cycle, we released 10 bulletins to address 34 total vulnerabilities in Windows, Microsoft Office (including SharePoint),...
View ArticleCoordinated Vulnerability Disclosure: Bringing Balance to the Force
Today on the MSRC blog, Matt Thomlinson, General Manager of Trustworthy Computing Security, announced our new philosophy on Coordinated Vulnerability Disclosure. I wanted to provide some context and...
View ArticleAnnouncing BlueHat v10: A Security Odyssey
BlueHat v10 is on the horizon and I’m happy to be able to announce the lineup. This year we’ll be hosting our annual conference on October 13-15 at the Microsoft campus here in Redmond and, with the...
View ArticleInternet troubles in Korea? E-call center 118 is there to help.
Handle:Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of...
View ArticleHack.lu: Why it’s all about building bridges
Handle:Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of...
View ArticleAdditional Fixes in Microsoft Security Bulletins
From time to time we receive questions regarding fixes not documented in security bulletins. Some call these “silent fixes.” We hope this blog post answers those questions and helps clarify Microsoft’s...
View ArticleAnnouncing the Microsoft Security Update Guide, Second Edition
Hi all — We’re pleased to announce the release of the new Microsoft Security Update Guide, Second Edition. Fully revised and updated from the first edition, which was released in 2009, this edition...
View ArticleOmphaloskepsis and the December 2013 Security Update Release
There are times when we get too close to a topic. We familiarize ourselves with every aspect and nuance, but fail to recognize not everyone else has done the same. Whether you consider this myopia,...
View ArticleThe Next Leap Forward in Cyber Defense: Taking Action to Help Defeat Adversaries
It is often said that attackers have an advantage, because the defenders have to protect every part of their systems all the time, while the attacker only has to find one way in. This argument...
View ArticleMultiple Security Updates Affecting TCP/IP: CVE-2021-24074, CVE-2021-24094,...
Today Microsoft released a set of fixes affecting Windows TCP/IP implementation that include two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an Important...
View Article
