Archive

Archive for the ‘security bulletin release’ Category

October 2014 Updates

October 14th, 2014 No comments

Today, as part of Update Tuesday, we released eight security updates – three rated Critical and five rated Important – to address 24 Common Vulnerabilities & Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer (IE). We encourage you to apply all of these updates, but for those who need to prioritize deployment planning, we recommend focusing on the Critical updates first.

Here’s an overview slide and video of the security updates released today:

 

 

 

For more information about this month’s security updates, including the detailed view of the Exploit Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary Web page. If you are not familiar with how we calculate XI, a full description is found here.

We released three security advisories this month:

We also revised Security Bulletin MS14-042: Vulnerability in Microsoft Service Bus Could Allow Denial of Service (2972621) and Security Advisory 2755801: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer.

Today, Microsoft also announced upcoming updates to the out-of-date ActiveX control blocking feature. Beginning November 11, 2014, the out-of-date ActiveX control blocking feature will automatically be expanded to block outdated versions of Silverlight, in addition to outdated versions of Java. It is also being expanded to support Internet Explorer 9 on Windows Vista SP2 and Windows Server 2008 SP2. For more information on this, please visit the IEBlog.

Watch our bulletin webcast tomorrow, Wednesday, October 15, 2014, at 11 a.m. PDT.

For all the latest information, you can follow the MSRC team on Twitter at @MSFTSecResponse.

Thanks,
Tracey Pretorius, Director,
Response Communications

October 2014 Updates

October 14th, 2014 No comments

Today, as part of Update Tuesday, we released eight security updates – three rated Critical and five rated Important – to address 24 Common Vulnerabilities & Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer (IE). We encourage you to apply all of these updates, but for those who need to prioritize deployment planning, we recommend focusing on the Critical updates first.

Here’s an overview slide and video of the security updates released today:

 

 

 

For more information about this month’s security updates, including the detailed view of the Exploit Index (XI) broken down by each CVE, visit the Microsoft Bulletin Summary Web page. If you are not familiar with how we calculate XI, a full description is found here.

We released three security advisories this month:

We also revised Security Bulletin MS14-042: Vulnerability in Microsoft Service Bus Could Allow Denial of Service (2972621) and Security Advisory 2755801: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer.

Today, Microsoft also announced upcoming updates to the out-of-date ActiveX control blocking feature. Beginning November 11, 2014, the out-of-date ActiveX control blocking feature will automatically be expanded to block outdated versions of Silverlight, in addition to outdated versions of Java. It is also being expanded to support Internet Explorer 9 on Windows Vista SP2 and Windows Server 2008 SP2. For more information on this, please visit the IEBlog.

Watch our bulletin webcast tomorrow, Wednesday, October 15, 2014, at 11 a.m. PDT.

For all the latest information, you can follow the MSRC team on Twitter at @MSFTSecResponse.

Thanks,
Tracey Pretorius, Director,
Response Communications

Security Bulletin MS14-045 rereleased

August 27th, 2014 No comments

Every month for many years, we’ve released a number of updates focused on the continuous improvement of customers’ experiences with our technology. Historically, these updates happened at different times during the month, with the security-specific ones occurring on the second Tuesday of each month. Recently, to further streamline, we decided to include more of our non-security updates together with our security updates and begin the global release to customers on the second Tuesday of each month.

This month we had our first roll out with additional non-security updates. A small number of customers experienced problems with a few of the updates. As soon as we became aware of some problems, we began a review and then immediately pulled the problematic updates, making these unavailable to download. We then began working on a plan to rerelease the affected updates.

Today, we rereleased Security Bulletin MS14-045 to address kernel-mode driver issues, which you can learn more about through a review of the information contained here.

We encourage customers to install the security update as soon as possible. Customers with automatic updates enabled do not need to take any action. If you don’t have Windows Update enabled, we encourage you to do so now. If you’re not sure whether you’ve enabled Windows Update, you can check here. For organizations, your IT Group, the team or person administering the network, would be the best place to check.

Tracey Pretorius, Director
Microsoft Trustworthy Computing

UPDATE September 2, 2014: Today, we rereleased the August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2.

Customers with Windows Updates enabled, and who have selected to receive optional updates automatically, do not need to take any action. Customers who have not selected to receive optional updates automatically, will need to go to Windows Update to install it.

For more information on this release, please visit the Windows blog.

Security Bulletin MS14-045 rereleased

August 27th, 2014 No comments

Every month for many years, we’ve released a number of updates focused on the continuous improvement of customers’ experiences with our technology. Historically, these updates happened at different times during the month, with the security-specific ones occurring on the second Tuesday of each month. Recently, to further streamline, we decided to include more of our non-security updates together with our security updates and begin the global release to customers on the second Tuesday of each month.

This month we had our first roll out with additional non-security updates. A small number of customers experienced problems with a few of the updates. As soon as we became aware of some problems, we began a review and then immediately pulled the problematic updates, making these unavailable to download. We then began working on a plan to rerelease the affected updates.

Today, we rereleased Security Bulletin MS14-045 to address kernel-mode driver issues, which you can learn more about through a review of the information contained here.

We encourage customers to install the security update as soon as possible. Customers with automatic updates enabled do not need to take any action. If you don’t have Windows Update enabled, we encourage you to do so now. If you’re not sure whether you’ve enabled Windows Update, you can check here. For organizations, your IT Group, the team or person administering the network, would be the best place to check.

Tracey Pretorius, Director
Microsoft Trustworthy Computing

UPDATE September 2, 2014: Today, we rereleased the August 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2.

Customers with Windows Updates enabled, and who have selected to receive optional updates automatically, do not need to take any action. Customers who have not selected to receive optional updates automatically, will need to go to Windows Update to install it.

For more information on this release, please visit the Windows blog.

August 2014 Security Updates

August 12th, 2014 No comments

Today, as part of Update Tuesday, we released nine security updates – two rated Critical and seven rated Important – to address 37 Common Vulnerabilities & Exposures (CVEs) in SQL Server, OneNote, SharePoint, .NET, Windows and Internet Explorer (IE). We encourage you to apply all of these updates, but for those who need to prioritize their deployment planning, we recommend focusing on the Critical updates first.

Here’s an overview slide and video of the security updates released today:

Click to enlarge

Microsoft also revised Security Advisory 2755801: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer.

For more information about this month’s security updates, including the detailed view of the Exploit Index broken down by each CVE, visit the Microsoft Bulletin Summary Web page. If you are not familiar with how we calculate the Exploitability Index (XI), a full description is found here.

You may notice a revision in the XI this month, which aims to better characterize the actual risk to a customer on the day the security update is released. Customers will see new wording for the rating, including a new rating of “0” for “Exploitation Detected.” More information about XI can be found here:  http://technet.microsoft.com/en-us/security/cc998259.aspx.

Last week, Microsoft announced some other news that relates to Update Tuesday:

  • On August 5, Windows published a Windows blog post discussing its non-security update strategy moving forward, which is now on a monthly cadence as part of Update Tuesday.
  • On August 6, IE announced in its IE Blog that it would begin blocking out-of-date ActiveX controls. This feature will be part of the August IE Cumulative Security Update, but no out-of-date ActiveX controls will be blocked for 30 days in order to give customers time to test and manage their environments.
  • On August 7, .NET and IE announced that Microsoft will support only the most recent versions of .NET and IE for each supported operating system.

Jonathan Ness and I will host the monthly bulletin webcast, scheduled for Wednesday, August 13, 2014, at 11 a.m. PDT.

For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.

Thanks, 

Dustin Childs

Group Manager, Response Communications
Microsoft Trustworthy Computing

August 2014 Security Updates

August 12th, 2014 No comments

Today, as part of Update Tuesday, we released nine security updates – two rated Critical and seven rated Important – to address 37 Common Vulnerabilities & Exposures (CVEs) in SQL Server, OneNote, SharePoint, .NET, Windows and Internet Explorer (IE). We encourage you to apply all of these updates, but for those who need to prioritize their deployment planning, we recommend focusing on the Critical updates first.

Here’s an overview slide and video of the security updates released today:

Click to enlarge

Microsoft also revised Security Advisory 2755801: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer.

For more information about this month’s security updates, including the detailed view of the Exploit Index broken down by each CVE, visit the Microsoft Bulletin Summary Web page. If you are not familiar with how we calculate the Exploitability Index (XI), a full description is found here.

You may notice a revision in the XI this month, which aims to better characterize the actual risk to a customer on the day the security update is released. Customers will see new wording for the rating, including a new rating of “0” for “Exploitation Detected.” More information about XI can be found here:  http://technet.microsoft.com/en-us/security/cc998259.aspx.

Last week, Microsoft announced some other news that relates to Update Tuesday:

  • On August 5, Windows published a Windows blog post discussing its non-security update strategy moving forward, which is now on a monthly cadence as part of Update Tuesday.
  • On August 6, IE announced in its IE Blog that it would begin blocking out-of-date ActiveX controls. This feature will be part of the August IE Cumulative Security Update, but no out-of-date ActiveX controls will be blocked for 30 days in order to give customers time to test and manage their environments.
  • On August 7, .NET and IE announced that Microsoft will support only the most recent versions of .NET and IE for each supported operating system.

Jonathan Ness and I will host the monthly bulletin webcast, scheduled for Wednesday, August 13, 2014, at 11 a.m. PDT.

For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.

Thanks, 

Dustin Childs

Group Manager, Response Communications
Microsoft Trustworthy Computing

Security Update Released to Address Recent Internet Explorer Vulnerability

Today, we released a security update to address the Internet Explorer (IE) vulnerability first described in Security Advisory 2963983. This security update addresses every version of Internet Explorer.

While we’ve seen only a limited number of targeted attacks, customers are advised to install this update promptly. The majority of our customers have automatic updates enabled and so will not need to take any action as protections will be downloaded and installed automatically. If you’re unsure if you have automatic updates, or you haven’t enabled Automatic Update, now is the time. 

For those manually updating, we strongly encourage you to apply this update as quickly as possible, following the directions in the released security bulletin.

We have made the decision to issue a security update for Windows XP users. Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system, such as Windows 7 or 8.1. Additionally, customers are encouraged to upgrade to the latest version of Internet Explorer, IE 11. You can find more information on the Microsoft Security Bulletin summary webpage.

We invite you to join Jonathan Ness and myself for a live webcast at 11 a.m. PDT tomorrow, where we’ll provide a detailed review of the bulletin. You can register here.

*Updated 5/2/2014 – The 11 a.m. webcast has reached capacity, so a second webcast has been scheduled for 2 p.m. on Friday, May 2. Details on registration can be found here.

For more information, please see the Microsoft News blog.

Dustin Childs
Group Manager, Response Communications
Trustworthy Computing

MBSA 2.3 and the November 2013 Security Bulletin Webcast, Q&A, and Slide Deck

November 15th, 2013 No comments

Today we’re publishing the November 2013 Security Bulletin Webcast Questions & Answers page.  The majority of questions focused on the ActiveX Kill Bits bulletin (MS13-090) and the advisories. We also answered a few general questions that were not specific to any of this month’s updates, but that may be of interest.

We’ve discussed the Microsoft Baseline Security Analyzer (MBSA) tool in this and many other webcasts, and I’m happy to report version 2.3 is now available. This new version adds support for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. However, Windows 2000 systems will no longer be supported by MBSA. If you aren’t familiar with the tool or would just like to know more about it, we encourage you to read the FAQ found on the Security TechCenter. Thanks also go out to everyone who participated in the public preview leading up to this release.

We invite you to join us for the next scheduled webcast on Wednesday, December 11, 2013, at 11 a.m. PST (UTC -8), when we will go into detail about the December bulletin release and answer your bulletin deployment questions live on the air.

You can register to attend the webcast at the link below:

Date: Wednesday, December 11, 2013
Time: 11:00 a.m. PST (UTC -8)
Register: Attendee Registration

 

 

Thanks,

Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing

MBSA 2.3 and the November 2013 Security Bulletin Webcast, Q&A, and Slide Deck

November 15th, 2013 No comments

Today we’re publishing the November 2013 Security Bulletin Webcast Questions & Answers page.  The majority of questions focused on the ActiveX Kill Bits bulletin (MS13-090) and the advisories. We also answered a few general questions that were not specific to any of this month’s updates, but that may be of interest.

We’ve discussed the Microsoft Baseline Security Analyzer (MBSA) tool in this and many other webcasts, and I’m happy to report version 2.3 is now available. This new version adds support for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. However, Windows 2000 systems will no longer be supported by MBSA. If you aren’t familiar with the tool or would just like to know more about it, we encourage you to read the FAQ found on the Security TechCenter. Thanks also go out to everyone who participated in the public preview leading up to this release.

We invite you to join us for the next scheduled webcast on Wednesday, December 11, 2013, at 11 a.m. PST (UTC -8), when we will go into detail about the December bulletin release and answer your bulletin deployment questions live on the air.

You can register to attend the webcast at the link below:

Date: Wednesday, December 11, 2013
Time: 11:00 a.m. PST (UTC -8)
Register: Attendee Registration

 

 

Thanks,

Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing

The October 2013 security updates

October 8th, 2013 No comments

This month we release eight bulletins – four Critical and four Important – which address 25* unique CVEs in Microsoft Windows, Internet Explorer, SharePoint, .NET Framework, Office, and Silverlight. For those who need to prioritize their deployment planning, we recommend focusing on MS13-080, MS13-081, and MS13-083.

Our Bulletin Deployment Priority graph provides an overview of this month’s priority releases (click for larger view).

 

 MS13-080 | Cumulative Security Update for Internet Explorer
This security update resolves 9* issues in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a customer views a specially crafted webpage using Internet Explorer, as described in Microsoft Security Advisory 2887505. An attacker who successfully exploited these vulnerabilities could gain the same rights as the current user running Internet Explorer. All but one of these issues were privately disclosed.

MS13-081 | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution
This security update resolves seven issues in Microsoft Windows. The most severe vulnerability could allow remote code execution if a user views a malicious webpage with specially crafted OpenType fonts. This release also addresses vulnerabilities that could allow elevation of privilege if an attacker gains access to a system, in some cases physical access to a USB port is required. These issues were privately reported and we have not detected any attacks or customer impact.

MS13-083 | Vulnerability in Windows Common Control Library Could Allow Remote Code Execution
This security update resolves one issue in Microsoft Windows. The vulnerability could allow remote code execution if an affected system is accessible via an ASP.NET web application and can receive a specifically crafted request. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. This issue was privately reported and we have not detected any attacks or customer impact.

Security Advisory 2862973 Update for MD5 Certificates 
We would like to remind customers of the Update for MD5 Certificates that was released in August 2013 and will be released through Microsoft Update in February 2014. This update affects applications and services using certificates with the MD5 hashing algorithm. This restriction is limited to certificates issued under roots in the Microsoft root certificate program. This will apply only to certificates utilized for server authentication, code signing and time stamping. These applications and services will no longer trust certificates utilizing MD5. 

Our risk and impact graph shows an aggregate view of this month’s Severity and Exploitability Index (click for larger view).

For more information about this month’s security updates, including the detailed view of the Exploit Index broken down by CVE, visit the Microsoft Bulletin Summary Web page.

Jonathan Ness and I will host the monthly bulletin webcast, scheduled for Wednesday, October 9, 2013, at 11 a.m. PDT. I invite you to register here and tune in to learn more about this month’s security bulletins and advisory.

For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.

I look forward to hearing your questions in the webcast tomorrow.

Thanks,
Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing

*Updated CVE count to accurately reflect the correct number which is 25. This is a documentation error and there is no known impact to customers.

The October 2013 security updates

October 8th, 2013 No comments

This month we release eight bulletins – four Critical and four Important – which address 25* unique CVEs in Microsoft Windows, Internet Explorer, SharePoint, .NET Framework, Office, and Silverlight. For those who need to prioritize their deployment planning, we recommend focusing on MS13-080, MS13-081, and MS13-083.

Our Bulletin Deployment Priority graph provides an overview of this month’s priority releases (click for larger view).

 

 MS13-080 | Cumulative Security Update for Internet Explorer
This security update resolves 9* issues in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a customer views a specially crafted webpage using Internet Explorer, as described in Microsoft Security Advisory 2887505. An attacker who successfully exploited these vulnerabilities could gain the same rights as the current user running Internet Explorer. All but one of these issues were privately disclosed.

MS13-081 | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution
This security update resolves seven issues in Microsoft Windows. The most severe vulnerability could allow remote code execution if a user views a malicious webpage with specially crafted OpenType fonts. This release also addresses vulnerabilities that could allow elevation of privilege if an attacker gains access to a system, in some cases physical access to a USB port is required. These issues were privately reported and we have not detected any attacks or customer impact.

MS13-083 | Vulnerability in Windows Common Control Library Could Allow Remote Code Execution
This security update resolves one issue in Microsoft Windows. The vulnerability could allow remote code execution if an affected system is accessible via an ASP.NET web application and can receive a specifically crafted request. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. This issue was privately reported and we have not detected any attacks or customer impact.

Security Advisory 2862973 Update for MD5 Certificates 
We would like to remind customers of the Update for MD5 Certificates that was released in August 2013 and will be released through Microsoft Update in February 2014. This update affects applications and services using certificates with the MD5 hashing algorithm. This restriction is limited to certificates issued under roots in the Microsoft root certificate program. This will apply only to certificates utilized for server authentication, code signing and time stamping. These applications and services will no longer trust certificates utilizing MD5. 

Our risk and impact graph shows an aggregate view of this month’s Severity and Exploitability Index (click for larger view).

For more information about this month’s security updates, including the detailed view of the Exploit Index broken down by CVE, visit the Microsoft Bulletin Summary Web page.

Jonathan Ness and I will host the monthly bulletin webcast, scheduled for Wednesday, October 9, 2013, at 11 a.m. PDT. I invite you to register here and tune in to learn more about this month’s security bulletins and advisory.

For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.

I look forward to hearing your questions in the webcast tomorrow.

Thanks,
Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing

*Updated CVE count to accurately reflect the correct number which is 25. This is a documentation error and there is no known impact to customers.

September 2013 Security Bulletin Webcast, Q&A, and Slide Deck

September 13th, 2013 No comments

Today we’re publishing the September 2013 Security Bulletin Webcast Questions & Answers page.  The majority of questions focused on Office bulletins, especially SharePoint Server (MS13-067). We received multiple Office related questions that were very similar in nature, so the questions have been merged, as applicable, with consolidated answers provided. We were able to answer six questions on air, and those we did not have time for have been included on the Q&A page.  

We invite our customers to join us for the next public webcast on Wednesday, October 9, 2013, at 11 a.m. PDT (UTC -7), when we will go into detail about the October bulletin release and answer questions live on the air.

Customers can register to attend the webcast at the link below:

Date: Wednesday, October 11, 2013
Time: 11:00 a.m. PDT (UTC -7)
Register:
Attendee Registration

Thanks,

Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing

September 2013 Security Bulletin Webcast, Q&A, and Slide Deck

September 13th, 2013 No comments

Today we’re publishing the September 2013 Security Bulletin Webcast Questions & Answers page.  The majority of questions focused on Office bulletins, especially SharePoint Server (MS13-067). We received multiple Office related questions that were very similar in nature, so the questions have been merged, as applicable, with consolidated answers provided. We were able to answer six questions on air, and those we did not have time for have been included on the Q&A page.  

We invite our customers to join us for the next public webcast on Wednesday, October 9, 2013, at 11 a.m. PDT (UTC -7), when we will go into detail about the October bulletin release and answer questions live on the air.

Customers can register to attend the webcast at the link below:

Date: Wednesday, October 11, 2013
Time: 11:00 a.m. PDT (UTC -7)
Register:
Attendee Registration

Thanks,

Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing

Advance Notification Service for September 2013 Security Bulletin Release

September 5th, 2013 No comments

In celebration of kids heading back to school, today we’re providing advance notification for the release of 14 bulletins, four Critical and 10 Important, for September 2013. The Critical updates address issues in Internet Explorer, Outlook, SharePoint and Windows. 

As always, we’ve scheduled the bulletin release for the second Tuesday of the month, Sept. 10, 2013, at approximately 10:00 a.m. PDT. Revisit this blog then for our analysis of the risk and impact, as well as our deployment guidance and a brief video overview of the month’s updates. Until then, please review the ANS summary page for more information that will help you prepare for bulletin testing and deployment. For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.

Thank you, 

Dustin Childs

Group Manager, Response Communications

Microsoft Trustworthy Computing

 

Advance Notification Service for September 2013 Security Bulletin Release

September 5th, 2013 No comments

In celebration of kids heading back to school, today we’re providing advance notification for the release of 14 bulletins, four Critical and 10 Important, for September 2013. The Critical updates address issues in Internet Explorer, Outlook, SharePoint and Windows. 

As always, we’ve scheduled the bulletin release for the second Tuesday of the month, Sept. 10, 2013, at approximately 10:00 a.m. PDT. Revisit this blog then for our analysis of the risk and impact, as well as our deployment guidance and a brief video overview of the month’s updates. Until then, please review the ANS summary page for more information that will help you prepare for bulletin testing and deployment. For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.

Thank you, 

Dustin Childs

Group Manager, Response Communications

Microsoft Trustworthy Computing

 

August 2013 Security Bulletin Webcast, Q&A, and Slide Deck

August 19th, 2013 No comments

Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page.  We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server (MS13-061) and Windows Kernel (MS13-063).  There were 3 additional questions during the webcast that we were unable to answer on air, and we have also answered those on the Q&A page.

We invite our customers to join us for the next public webcast on Wednesday, September 11, 2013, at 11 a.m. PDT (UTC -8), when we will go into detail about the September bulletin release and answer questions live on the air.

Customers can register to attend the webcast at the link below:

Date: Wednesday, September 11, 2013
Time: 11:00 a.m. PDT (UTC -7)
Register:
Attendee Registration

Thanks,

Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing

 

 

August 2013 Security Bulletin Webcast, Q&A, and Slide Deck

August 19th, 2013 No comments

Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page.  We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server (MS13-061) and Windows Kernel (MS13-063).  There were 3 additional questions during the webcast that we were unable to answer on air, and we have also answered those on the Q&A page.

We invite our customers to join us for the next public webcast on Wednesday, September 11, 2013, at 11 a.m. PDT (UTC -8), when we will go into detail about the September bulletin release and answer questions live on the air.

Customers can register to attend the webcast at the link below:

Date: Wednesday, September 11, 2013
Time: 11:00 a.m. PDT (UTC -7)
Register:
Attendee Registration

Thanks,

Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing

 

 

July 2013 Security Bulletin Webcast, Q&A, and Slide Deck

July 12th, 2013 No comments

Today we’re publishing the July 2013 Security Bulletin Webcast Questions & Answers page. During the webcast, we fielded 10 questions covering all updates. All questions are included on the Q&A page.

 We invite our customers to join us for the next scheduled webcast on Wednesday, August 14th at 11 a.m. PT (UTC -8), when we will go into detail about the August 2013 bulletin release and answer questions live on the air.

 Customers can register to attend at the link below:

Date: Wednesday, July 14, 2013
Time: 11:00 a.m. PT (UTC -8)
Register:
Attendee Registration

 

 

Thanks,

Dustin Childs
Group Manager, Trustworthy Computing

June 2013 Security Bulletin Webcast, Q&A, and Slide Deck

June 14th, 2013 No comments

Today we’re publishing the June 2013 Security Bulletin Webcast Questions & Answers page.  We fielded three questions during the webcast, with specific questions focusing primarily on Windows Print Spooler (MS13-050), Microsoft Office (MS13-051), and the security advisory addressing digital certificates (SA2854544). There was one question we were unable to field on the air which we answered on the Q&A page.

We invite our customers to join us for the next public webcast on Wednesday, July 10, 2013, at 11 a.m. PDT (UTC -7), when we will go into detail about the July bulletin release and answer questions live on the air.

Customers can register to attend the webcast at the link below:

Date: Wednesday, July 10, 2013
Time: 11:00 a.m. PDT (UTC -7)
Register: Attendee Registration
 

Thanks,

Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing

April 2013 Security Bulletin Webcast, Q&A, and Slide Deck

April 16th, 2013 No comments

Today we’re publishing the April 2013 Security Bulletin Webcast Questions & Answers page.  We fielded nine questions during the webcast, with almost half of those focused on the Remote Desktop Client bulletin (MS13-024).  One question that was not answered on air has been included on the Q&A page.

We invite our customers to join us for the next public webcast on Wednesday, May 15, 2013, at 11 a.m. PDT (UTC -7), when we will go into detail about the May bulletin release and answer questions live on the air.

Customers can register to attend the webcast at the link below:

Date: Wednesday, May 15, 2013
Time: 11:00 a.m. PDT (UTC -7)
Register:
Attendee Registration

Thanks,

Dustin Childs
Group Manager, Response Communications
Microsoft Trustworthy Computing