The goal of this Support Center is to offer global customers a means to quickly find support content related to security and viruses without duplicating the information available on other Microsoft-related sites.
http://support.microsoft.com/default.aspx?pr=security
Thanks to Susan Bradley for pointing this article out. It has some good information on some of the changes coming up in XP Service Pack 2
Windows XP Service Pack 2: A Developer's View
Draft Version for PDC 2003
This document contains preliminary information about the security technologies in Windows XP SP2.
Microsoft Corporation
October 2003
Applies to:
Microsoft® Windows® XP
Summary: With Windows XP Service Pack 2 (SP2), Microsoft is introducing a set of security technologies that will improve Windows XP-based computers' ability to withstand malicious attacks from viruses and worms. The technologies include:
- Network protection
- Memory protection
- Safer email
- Safer browsing
This paper discusses the first two elements on this list.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwxp/html/securityinxpsp2.asp
Today Microsoft released the following Security Bulletins.
Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletins Summaries:
Windows – http://www.microsoft.com/technet/security/bulletin/winnov03.asp
Office – http://www.microsoft.com/technet/security/bulletin/offnov03.asp
Critical Bulletins:
MS03-048 – Cumulative Security Update for Internet Explorer (824145)
http://www.microsoft.com/technet/security/bulletin/MS03-048.asp
MS03-049 – Buffer Overrun in the Workstation Service Could Allow Code Execution (828749)
http://www.microsoft.com/technet/security/bulletin/MS03-049.asp
MS03-051 – Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (813360)
http://www.microsoft.com/technet/security/bulletin/MS03-051.asp
Important Bulletins:
MS03-050 – Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to Run (831527)
http://www.microsoft.com/technet/security/bulletin/MS03-050.asp
In addition to the new bulletins above, the following Important bulletin was re-released:
MS02-050 – Certificate Validation Flaw Could Enable Identity Spoofing (Q329115)
http://www.microsoft.com/technet/security/bulletin/MS02-050.asp
This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.
If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.
?>
?>
Microsoft Solutions for Management released two new Solution Accelerators for Patch Management:
- Patch Management with SMS 2003
- Patch Management with Software Update Services (SUS) SP1
For full details, see:
http://www.microsoft.com/technet/itsolutions/msm/default.asp
I'm in the process of compiling a list of security related web sites and forums. I have a pretty extensive list now but would like to solicite your favorites as well. After I compile it, I will post it back here. To contribute, just hit the feedback link below and supply the following:
Name of resource
Description
URL