RIP Windows XP

Has been a long time ago here, but today is an important day. Microsoft ends support and security updates for Windows XP. It was a great platform but it’s time for a change. Check out your options here.

Posted in Uncategorized | Leave a comment

Microsoft Security Bulletin Summary for May 2012

On May 8th, Microsoft released 7 security bulletins. Three were rated as “critical” and four rated as “important”.

Critical:

  • MS12-029 – Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)
  • MS12-034 – Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
  • MS12-035 – Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)

Important:

  • MS12-030 – Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)
  • MS12-031 – Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)
  • MS12-032 – Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)
  • MS12-033 – Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533)

A more technical version of the Security Bulletin can be found at Microsoft TechNet and an end-user version is available at Microsoft’s Safety & Security Center website.

Also, check for updates at Microsoft Update.

See also the MSRC blog: Bulletin Management Process and the May 2012 Bulletins.

More information is available at the website of Microsoft Security Response Center.

Today from the desk of the Librarian at the Tacoma Art Museum! It’s a beautiful day so why not visit and look at or make some great art!

Have a wonderful weekend!

Posted in Security Bulletins | Leave a comment

Microsoft Security Bulletin Summary for April 2012

A bit late, but here are the security updates for April 2012. On April 10 Microsoft released 6 security bulletins. Four of them are considered as “critical” and two are “important”.

Critical:

  • MS12-023 – Cumulative Security Update for Internet Explorer (2675157)
  • MS12-024 – Vulnerability in Windows Could Allow Remote Code Execution (2653956)
  • MS12-025 – Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
  • MS12-027 – Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)

Important:

  • MS12-026 – Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
  • MS12-028 – Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)

A more technical version of the Security Bulletin can be found at Microsoft TechNet and an end-user version is available at Microsoft’s Safety & Security Center website.

Also, check for updates at Microsoft Update.

See also the MSRC blog: Windows XP and Office 2003 countdown to end of support, and the April 2012 bulletins

More information is available at the website of Microsoft Security Response Center.

Yes, this time once again from one of my favorite locations: a Starbucks store!

It’s Friday! Have a wonderful weekend!

Posted in Security Bulletins | Leave a comment

Kaspersky: Apple 10 years behind Microsoft in Security

Today on ZDNet an interview with Eugene Kaspersky who says Apple is 10 years behind Microsoft in security terms. Read the full article here: http://zd.net/Kfvmbb

Posted in News | Leave a comment

Microsoft Security Bulletin Summary for March 2012

This is a bit late, but at least it’s still March..Winking smile On March 13th, Microsoft released 6 security bulletins. One was rated as “Critical”, four rated as “important” and one rated as “moderate”.

Critical:

  • MS12-020 – Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)

Important:

  • MS12-017 – Vulnerability in DNS Server Could Allow Denial of Service (2647170)
  • MS12-018 – Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653)
  • MS12-021 – Vulnerability in Visual Studio Could Allow Elevation of Privilege (2651019)
  • MS12-022 – Vulnerability in Expression Design Could Allow Remote Code Execution (2651018)

Moderate:

  • MS12-019 – Vulnerability in DirectWrite Could Allow Denial of Service (2665364)

A more technical version of the Security Bulletin can be found at Microsoft TechNet and an end-user version is available at Microsoft’s Safety & Security Center website.

Also, check for updates at Microsoft Update.

See also the MSRC blog: Strength, flexibility and the March 2012 security bulletins

More information is available at the website of Microsoft Security Response Center.

This time not from any Starbucks in the greater Seattle area, but from my volunteer job at the Tacoma Art Museum. Great place to be!

Have a wonderful weekend!

Posted in Security Bulletins | Leave a comment

Microsoft Security Bulletin Summary for February 2012

Yesterday, Microsoft released 9 security bulletins. Four of them are rated as “critical” and five rated as “important”.

Critical:

  • MS12-008 – Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465)
  • MS12-010 – Cumulative Security Update for Internet Explorer (2647516)
  • MS12-013 – Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)
  • MS12-016 – Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)

Important:

  • MS12-009 – Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)
  • MS12-011 – Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)
  • MS12-012 – Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)
  • MS12-014 – Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)
  • MS12-015 – Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)

A more technical version of the Security Bulletin can be found at Microsoft TechNet and an end-user version is available at Microsoft’s Safety & Security Center website.

Also, check for updates at Microsoft Update.

See also the MSRC blog: MSRC looks back at ten years, and the February 2012 bulletins.

More information is available at the website of Microsoft Security Response Center.

After some travelling in the last few months I’m back again in Seattle and at my favorite Starbucks store. The mocha’s are great here!

Have a wonderful day!

Posted in Uncategorized | Leave a comment

Microsoft Security Bulletin Summary for December 2011

On Tuesday December 13th, while I was driving from Iowa to Oklahoma City, Microsoft released 13 security bulletins. Three of them are rated as “critical” and 10 rated as “important”.

Critical:

  • MS11-087 – Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)
  • MS11-090 – Cumulative Security Update of ActiveX Kill Bits (2618451)
  • MS11-092 – Vulnerability in Windows Media Could Allow Remote Code Execution (2648048)

Important:

  • MS11-088 – Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016)
  • MS11-089 – Vulnerability in Microsoft Office Could Allow Remote Code Execution (2590602)
  • MS11-091 – Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702)
  • MS11-093 – Vulnerability in OLE Could Allow Remote Code Execution (2624667)
  • MS11-094 – Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)
  • MS11-095 – Vulnerability in Active Directory Could Allow Remote Code Execution (2640045)
  • MS11-096 – Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241)
  • MS11-097 – Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)
  • MS11-098 – Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171)
  • MS11-099 – Cumulative Security Update for Internet Explorer (2618444)

A more technical version of the Security Bulletin can be found at Microsoft TechNet and an end-user version is available at Microsoft’s Safety & Security Center website.

Also, check for updates at Microsoft Update.

See also the MSRC blog: The December bulletins are released.

More information is available at the website of Microsoft Security Response Center.

Still from the desk at my favorite Starbucks store in Oklahoma City. Next month we’ll be back from the Seattle area.

A Merry Christmas and Happy and Secure New Year to all…

Posted in Security Bulletins | Leave a comment

IE to Start Automatic Upgrades across Windows XP, Windows Vista, and Windows 7

In January 2012 Microsoft will start upgrade Windows users with the latest version of Internet Explorer (IE). They will start with users in Australia and Brazil who have turned on automatic updates through Windows Update.

For more information check the Windows Blog: http://bit.ly/s7bjhb

Posted in IE, News | Leave a comment

Microsoft Security Bulletin Summary for November 2011

Today Microsoft released 4 security updates. One of them is rated as “Critical”, two are rated as “Important” and the last one is rated as “Moderate”. Here’s the shortlist:

Critical:
  • MS11-083 – Vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)

Important:
  • MS11-085 – Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution (2620704)
  • MS11-086 – Vulnerability in Active Directory Could Allow Elevation of Privilege (2630837)

Moderate:
  • MS11-084 – Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service (2617657)

A more technical version of the Security Bulletin can be found at Microsoft TechNet and an end-user version is available at Microsoft’s Safety & Security Center website.

Also, check for updates at Microsoft Update.

See also the MSRC blog: Microsoft hosts BlueHatv11, releases four bulletins

More information is available at the website of Microsoft Security Response Center.

This time from a desk at a Starbucks somewhere in Oklahoma City this time! Have a wonderful day!
Posted in Security Bulletins | Leave a comment

Microsoft Security Bulletin Summary for October 2011

On Tuesday, October 11th, Microsoft released 8 security bulletins. Two of them are rated as “critical” and six are rated as “important”.

Critical:
  • MS11-078 – Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2604930)
  • MS11-081 – Cumulative Security Update for Internet Explorer (2586448)

Important:
  • MS11-075 – Vulnerability in Microsoft Active Accessibility Could Allow Remote Code Execution (2623699)
  • MS11-076 – Vulnerability in Windows Media Center Could Allow Remote Code Execution (2604926)
  • MS11-077 – Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2567053)
  • MS11-079 – Vulnerabilities in Microsoft Forefront Unified Access Gateway Could Cause Remote Code Execution (2544641)
  • MS11-080 – Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2592799)
  • MS11-082 – Vulnerabilities in Host Integration Server Could Allow Denial of Service (2607670)

A more technical version of the Security Bulletin can be found at Microsoft TechNet and an end-user version is available at Microsoft’s Safety & Security Center website.

Check for updates at Microsoft Update.

See also the MSRC blog: October Update Tuesday: Security Intelligence Report volume 11 announced.

More information is available at the website of Microsoft Security Response Center.

No Starbucks today… yet; just woke up early and thought it was a good idea to post this.

Have a wonderful day!
Posted in Security Bulletins | Leave a comment