If you’re interested in the Beta of Microsoft Security Essentials and you want to download it, then go to their web site MSE Beta. Better hurry because it seems it’s topped at 75,000 downloads.
If you have any questions then you’ll find the answers at: Microsoft Answers.
Currently available for USA, Israel, People’s Republic of China, and Brazil.
Mary-Jo Foley had a chat with Alan Parker, General Manager of Microsoft’s Anti-Malware team, and based on that conversation it seems that MSE/Morro will be released as Beta on June 23rd. WGA validation seems to be required.
For more detailed information check Mary-Jo Foley’s blog at ZDNet
In between al the housework and painting Microsoft released 10, but could be more for your configuration, updates and patches for the month of June. There are six “critical”, three “important” and one “moderate” patches.
Critical:
- MS09-018 - Vulnerabilities in Active Directory Could Allow Remote Code Execution (971055)
- MS09-022 - Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)
- MS09-019 - Cumulative Security Update for Internet Explorer (969897)
- MS09-027 - Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (969514)
- MS09-021 - Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)
- MS09-024 - Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632)
Important:
- MS09-026 - Vulnerability in RPC Could Allow Elevation of Privilege (970238)
- MS09-025 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (968537)
- MS09-020 - Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)
Moderate:
- MS09-023 - Vulnerability in Windows Search Could Allow Information Disclosure (963093)
As usual, a more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.
See also the MSRC blog: June 2009 Bulletin Release
Hope you have already updated your machine. If not then you know where to find Microsoft Update.
Have a wonderful day! It’s the 29th day, and counting…, without rain in the Seattle area… I love it.. ;)
Because of all that moving around, from one continent to the other, and all the reconstruction of the house, I’ve not been able to post the monthly updates here. But if you haven’t done it already then you know the drill: just go to Microsoft Update to check for updates and patches. When I checked a few days ago, I also found out that there’s Service Pack 2 for Microsoft Office 2007. So, if you don’t have it yet, then go and get it.
In the meanwhile, for the month of May there are some critical updates for Microsoft Office PowerPoint:
- MS09-017 - Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340)
A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.
See also the MSRC blog: May 2009 Bulletin Release
Have a great day!
The Microsoft Security Intelligence Report (SIR), vol. 6, provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software.
More at: Microsoft Malware Protection Center
Get your copy at the Microsoft Download Center.
Today, during the 2nd day of the MVP Meeting at Microsoft campus, the team of MMPC, Monilee Atkinson, Tareq Saade, showed us the new web portal for their blog. You really have to check out this website: http://www.microsoft.com/security/portal/beta. Tell them what you think about it. Not only the content or bugs, but also how the site looks like. The link for the feedback is at the bottom of the page.
Thanks to Monilee and Tareq for today's very informative session!
PS: you can find the "old" blog here.
Here in Holland, just a few days before the big move to the US, there’s still some time left to update the only old, old laptop I still have. A few days ago Microsoft released a few updates/patches and if you haven’t updated your computer yet, then it’s time to do the same thing as I do: visit Microsoft Update. In the Security Bulletin there are two “critical” and two “important” updates:
Critical:
- MS09-002 - Cumulative Security Update for Internet Explorer (961260)
- MS09-003 - Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
Important:
- MS09-004 - Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)
- MS09-005 - Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634)
A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.
See also MSRC blog: February 2009 Monthly Bulletin Release.
Have a wonderful day. Until next time from the other side of the pond…
Safer Internet Day 2009
Safer Internet Day takes place each year in February to promote safer and more responsible use of online technology and mobile phones, especially amongst children and young people across the world
For more information check the website of Ins@fe
It's a bit quiet here, but it has a good reason. My wife and I are moving from Almere, Netherlands to Washington (State) in the USA. The last couple of weeks we were very busy with all the paperwork, red-tape and packing. Not that much though. Many (big) things were just given away to family or friends. Yesterday my wife left for the US and soon I hope to join her there. Then I have to look for a job on the other side of the pond...
In the meanwhile... be sure to check at least the Windows Update web site to check for the latest patches and updates. Check, check and double check. I'll be back shortly... and from the USA...
That’s some news from the Windows Live OneCare Team Blog, OneCare will be discontinued and a new security solution will be released at no costs in June 2009. Don’t know how the new product will look like, but OneCare has been running on all my PC’s and I really did like it.
“The new solution will deliver the same core protection against malware but will not include many of additional non-security features found in many other consumer security suites”, according the press release of yesterday.
More information / Related Links:
On November 11th Microsoft released another few security updates. This time, according to the security bulletin, 1 “critical” and 1 “important” update. But, depending on your configuration, there can be more. See also the “New, Revised, and Released Updates for Microsoft Products Other Than Microsoft Windows”, and, of course, there’s always the Microsoft Windows Malicious Software Removal Tool.
Critical:
- MS08-069 - Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
Important:
- MS08-068 - Vulnerability in SMB Could Allow Remote Code Execution (957097)
A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.
You can obtain the security updates offered this month on Windows Update, from Download Center on Security and Critical Releases ISO CD Image files. For more information, see Microsoft Knowledge Base Article 913086.
Support:
See also MSRC blog: November 2008 Bulletin Release and for a more details regarding the MS08-068 SMB Credential issue, see the Security Vulnerability Research & Defense blog.
Updated all the machines I maintained and so far no issues here… Have a wonderful day!
Two weeks ago McAfee released their 5th issue of the McAfee Security Journal, formerly known as "Sage". In this issue it's about social engineering techniques. You can download your copy here.
Related links:
Yesterday, at the Microsoft PDC 2008, Ray Ozzie announced in his keynote a new operating environment: Windows Azure, Microsoft’s “Windows in the cloud”. A new service based operating environment.
At the Windows Azure website it’s described as follows:
The Azure™ Services Platform (Azure) is an internet-scale cloud services platform hosted in Microsoft data centers, which provides an operating system and a set of developer services that can be used individually or together.
Azure reduces the need for up-front technology purchases, and it enables developers to quickly and easily create applications running in the cloud by using their existing skills with the Microsoft Visual Studio development environment and the Microsoft .NET Framework. In addition to managed code languages supported by .NET, Azure will support more programming languages and development environments in the near future.
Got your attention? Check it out at: Windows Azure! For event videos and keynote clips go to Presspass.
Last night, European time, Microsoft released an out-of-band security update. This update resolves a vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request.
For more information check the Microsoft Security Bulletin MS08-067. See also Microsoft Security Response Center (MSRC) post: Additional Microsoft Security Bulletin Webcasts and Information Available for MS08-067. For an in-dept technical version check the Microsoft Security Vulnerability Research & Defense blog: More detail about MS08-067, the out-of-band netapi32.dll security update.
In the meantime, move your mouse to the Microsoft Update web site and start patching your system. Me, myself and I have installed it on Windows XP Pro machines and Server 2003 machines without any problem.
Lots of updates this week! Yesterday Microsoft released 4 "critical", 6 "important" and 1 "moderate" updates. Needless to say that if you haven't updated yet then move your mouse over to Microsoft Update web site and start downloading and update your system. Here's the list:
Critical:
- MS08-060 - Vulnerability in Active Directory Could Allow Remote Code Execution (957280)
- MS08-058 - Cumulative Security Update for Internet Explorer (956390)
- MS08-059 - Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)
- MS08-057 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)
Important:
- MS08-066 - Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)
- MS08-061 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
- MS08-062 - Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
- MS08-063 - Vulnerability in SMB Could Allow Remote Code Execution (957095)
- MS08-064 - Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)
- MS08-065 - Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)
Moderate:
- MS08-056 - Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)
All this and of course the update of the Windows Malicious Software Removal Tool. A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.
You can obtain the security updates offered this month on Windows Update, from Download Center on Security and Critical Releases ISO CD Image files. For more information, see Microsoft Knowledge Base Article 913086.
Support:
See also MSRC blog: October 2008 Monthly Bulletin Release and for a more technical version, the Security Vulnerability Research & Defense blog.
So far installed on 5 XP Pro SP3 machines without any problems.
Stay on the safe side and have a great day!
The word is out. Mike Nash announced that the next version of Windows will be called: "Windows 7". The lucky ones who are attending the PDC will hear more details about this new version.
See Mike Nash announcement at: Windows Vista Blog.
If your boss is not convinced yet that you really need to attend the Microsoft PDC (Professional Developers Conference), then try to persuade your boss with this Letter To Your Boss and maybe he/she let you go... ;)
Thanks to Steve Lamb's blog...
Okay, I'm here in Holland. So, we don't really have a "national cyber security awareness month". But still... wherever you are, there should always be cyber security awareness and not only this month. There are always some basic steps to take like keep that firewall running, keep the Windows software updated and run only updated antivirus and spyware software.
For information about this year's events, visit the NCSA (National Cyber Security Alliance) Web site at http://www.staysafeonline.info.
Related link: Microsoft's Security at Home.
Good news: the Windows Live OneCare Team was blogging again and the news is that there's a version of OneCare for server, and in this case especially for Small Business Server 2008, available. Check the OneCare for server web site.
More info at the Windows Live OneCare Team blog article here.
The last week of September is usually a bit weird the last couple if years. Actually for the last 5 years... ;) There's a lot of pacing, sleepless nights and the highlight is always the night of September 30th. Then I hope to receive an email that I'm re-awarded again as Microsoft MVP. You leave the computer running and hope to hear that an email has arrived with the good news... but not this year...
This year, thank goodness my wife Kim was, and still is, visiting family across the pond, the email arrived a bit late... to be exact it was 3:55PM on October 1st. But who cares! It came with the good news! Re-awarded for another year! And yes, I'm as happy as the first time I got it!
This year we couldn't make it to the MVP Summit in Seattle, but next year it will be in March. And Kim and I are definitely going to be there. And hopefully we'll meet some other MVP's from the McAfee Support Forums too. It's time to have a hamburger again with Harry even though he likes to eat them with beets... ;(
See you all in March!
More Posts
Next page »