Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dial In Number 1-800-227-8104 PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Published byJoel Holmes Modified over 8 years ago

Similar presentations

Presentation on theme: "Dial In Number 1-800-227-8104 PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft."— Presentation transcript:

1 Dial In Number 1-800-227-8104 PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft Corporation Jerry Bryant Group Manager, Response Communications Microsoft Corporation

2 Dial In Number 1-800-227-8104 PIN: 1056 What We Will Cover Review of December 2011 bulletin release information:Review of December 2011 bulletin release information: –New Security Bulletins –Announcements –Microsoft ® Windows ® Malicious Software Removal Tool ResourcesResources Questions and answers: Please Submit NowQuestions and answers: Please Submit Now

3 Dial In Number 1-800-227-8104 PIN: 1056 Severity and Exploitability Index Exploitability Index 1 RISK 2 3 DP1322213222332 Severity Critical IMPACT Important Moderate Low MS11-087MS11-088MS11-089MS11-090MS11-091MS11-092MS11-093MS11-094MS11-095MS11-096MS11-097MS11-098MS11-099 Windows Windows WindowsWindowsOffice WindowsOffice Windows WindowsOffice Internet Explorer Office Office

4 Dial In Number 1-800-227-8104 PIN: 1056 Bulletin Deployment Priority

5 Dial In Number 1-800-227-8104 PIN: 1056 MS11-087: MS11-087: Vulnerability In Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-3402Critical11 Remote Code Execution Publicly Disclosed Affected Products All supported releases of Microsoft Windows, including XP, Server 2003, Vista, Server 2008, Windows 7, and Server 2008 R2 Server 2008, Server 2008 R2 under certain circumstances. See “Additional Information” for details. Affected Components Windows Kernel Deployment Priority 1 Main Target Workstations and Servers Possible Attack Vectors An attacker could exploit this vulnerability if a user opens a specially crafted document or visits a malicious web page that embeds TrueType font files.An attacker could exploit this vulnerability if a user opens a specially crafted document or visits a malicious web page that embeds TrueType font files. Impact of Attack An attacker who successfully exploited this vulnerability could take complete control of the affected system.An attacker who successfully exploited this vulnerability could take complete control of the affected system. Mitigating Factors An attacker would have to convince users to open a specially-crafted document or visit a web site, typically by getting them to click a link in an email or IM message.An attacker would have to convince users to open a specially-crafted document or visit a web site, typically by getting them to click a link in an email or IM message. Additional Information This addresses the vulnerability first described in Microsoft Security Advisory 2639658.This addresses the vulnerability first described in Microsoft Security Advisory 2639658. This update applies with a lower severity rating to supported editions of Server 2008 or Server 2008 R2, when installed using the Server Core installation option.This update applies with a lower severity rating to supported editions of Server 2008 or Server 2008 R2, when installed using the Server Core installation option.

6 Dial In Number 1-800-227-8104 PIN: 1056 MS11-088: Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-2010 Important1N/A Elevation of Privilege Cooperatively Disclosed Affected Products All supported editions of Microsoft Office 2010 where Microsoft Pinyin IME 2010 is installed, Microsoft Office Pinyin SimpleFast Style 2010, and Microsoft Office Pinyin New Experience Style 2010. Affected Components Microsoft Pinyin Input Method Editor for Simplified Chinese Deployment Priority 3 Main Target Workstations Possible Attack Vectors An attacker who exposes configuration options in Microsoft Office IME (Chinese) can exploit this vulnerability, and perform specific actions utilizing the MSPY IME toolbar to launch Internet Explorer with system-level privileges.An attacker who exposes configuration options in Microsoft Office IME (Chinese) can exploit this vulnerability, and perform specific actions utilizing the MSPY IME toolbar to launch Internet Explorer with system-level privileges. Impact of Attack An attacker who exploits this vulnerability could run arbitrary code in kernel mode, and then install programs, view, change or delete data, or create new accounts with full user rights.An attacker who exploits this vulnerability could run arbitrary code in kernel mode, and then install programs, view, change or delete data, or create new accounts with full user rights. Mitigating Factors An attacker must have valid logon credentials to log on locally to exploit this vulnerability. The vulnerability cannot be exploited remotely or by anonymous users.An attacker must have valid logon credentials to log on locally to exploit this vulnerability. The vulnerability cannot be exploited remotely or by anonymous users. Additional Information Only implementations of Microsoft Pinyin IME 2010 are affected by this vulnerability. Other versions of Simplified Chinese IME and other implementations of IME are not affected.Only implementations of Microsoft Pinyin IME 2010 are affected by this vulnerability. Other versions of Simplified Chinese IME and other implementations of IME are not affected. This will only be available through the Microsoft Download Center.This will only be available through the Microsoft Download Center.

7 Dial In Number 1-800-227-8104 PIN: 1056 MS11-089: Vulnerabilities In Microsoft Office Could Allow Remote Code Execution (2590602) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-1983 Important11 Remote Code Execution Cooperatively Disclosed Affected Products All supported editions of Office 2007, Office 2010, and Office For Mac 2011 Affected Components Microsoft Word Deployment Priority 2 Main Target Workstations Possible Attack Vectors An attacker could exploit this vulnerability if a user opens a specially crafted Word file.An attacker could exploit this vulnerability if a user opens a specially crafted Word file. Impact of Attack An attacker could gain the same user rights as the exploited logged-on user, which could include installing programs, viewing, changing or deleting data, or create new accounts with full user rights.An attacker could gain the same user rights as the exploited logged-on user, which could include installing programs, viewing, changing or deleting data, or create new accounts with full user rights. Mitigating Factors An attacker could not force a user to visit a specially crafted site.An attacker could not force a user to visit a specially crafted site. An attacker cannot exploit this vulnerability automatically through email; instead, the user would have to click on an attachment in an email message.An attacker cannot exploit this vulnerability automatically through email; instead, the user would have to click on an attachment in an email message. Additional Information NoneNone

8 Dial In Number 1-800-227-8104 PIN: 1056 MS11-090: Cumulative Security Update of ActiveX Kill Bits (2518451) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-3397 CriticalN/A1 Remote Code Execution Cooperatively Disclosed Affected Products All supported editions of Windows XP and Windows Server 2003 Affected Components ActiveX Deployment Priority 2 Main Target Servers and Workstations Possible Attack Vectors An attacker could exploit this vulnerability if a user views a specially crafted web page that uses a specific binary behavior in Internet Explorer.An attacker could exploit this vulnerability if a user views a specially crafted web page that uses a specific binary behavior in Internet Explorer. Impact of Attack An attacker who exploits this vulnerability could gain the same user rights as the logged on user.An attacker who exploits this vulnerability could gain the same user rights as the logged on user. Mitigating Factors An attacker would have to convince users to visit a website, typically by getting them to click a link in an email or IM message.An attacker would have to convince users to visit a website, typically by getting them to click a link in an email or IM message. Additional Information Installations using Server Core are not affected.Installations using Server Core are not affected.

9 Dial In Number 1-800-227-8104 PIN: 1056 MS11-091: Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-1508ModerateN/AN/A Remote Code Execution Publicly Disclosed CVE-2011-3410ImportantN/A1 Remote Code Execution Cooperatively Disclosed CVE-2011-3411ImportantN/A1 Remote Code Execution Cooperatively Disclosed CVE-2011-3412ImportantN/A2 Remote Code Execution Cooperatively Disclosed Affected Products All supported editions of Microsoft Office 2003 and 2007 Affected Components Microsoft Publisher Deployment Priority 2 Main Target Workstations Possible Attack Vectors An attacker can exploit this vulnerability by creating a specially crafted Publisher file that could be included as an email attachment, or hosted on a specially crafted/compromised web site, and then convince the user to open the specially crafted Publisher file.An attacker can exploit this vulnerability by creating a specially crafted Publisher file that could be included as an email attachment, or hosted on a specially crafted/compromised web site, and then convince the user to open the specially crafted Publisher file. Impact of Attack An attacker who exploits this vulnerability could take complete control of an affected system, including installing programs, view, change or delete data, or create new accounts with full user rights.An attacker who exploits this vulnerability could take complete control of an affected system, including installing programs, view, change or delete data, or create new accounts with full user rights. Mitigating Factors An attacker has to convince the user to visit a web site or open an attachment.An attacker has to convince the user to visit a web site or open an attachment. Additional Information NoneNone

10 Dial In Number 1-800-227-8104 PIN: 1056 MS11-092: Vulnerability In Windows Media Could Allow Remote Code Execution (2648048) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-3401Critical11 Remote Code Execution Cooperatively Disclosed Affected Products All supported versions of Windows Affected Components Windows Media Center, Windows Media Player Deployment Priority 1 Main Target Workstations Possible Attack Vectors An attacker can exploit this vulnerability if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file.An attacker can exploit this vulnerability if a user opens a specially crafted Microsoft Digital Video Recording (.dvr-ms) file. Impact of Attack An attacker who exploits this vulnerability could take complete control of an affected system, including installing programs, view, change or delete data, or create new accounts with full user rights.An attacker who exploits this vulnerability could take complete control of an affected system, including installing programs, view, change or delete data, or create new accounts with full user rights. Mitigating Factors An attacker has to convince the user to open the specially crafted media file.An attacker has to convince the user to open the specially crafted media file. Additional Information NoneNone

11 Dial In Number 1-800-227-8104 PIN: 1056 MS11-093: Vulnerability in OLE Could Allow Remote Code Execution (2624667) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-3400ImportantN/A1 Remote Code Execution Cooperatively Disclosed Affected Products All supported editions of Windows XP and Windows Server 2003 Affected Components OLE Deployment Priority 3 Main Target Workstations and Servers Possible Attack Vectors An attacker could exploit this vulnerability if a user opens a file that contains a specially crafted OLE object.An attacker could exploit this vulnerability if a user opens a file that contains a specially crafted OLE object. Impact of Attack An attacker who successfully exploits this vulnerability could take complete control of an affected system, including the ability to install programs; view, change or delete data; or create new accounts with full user rights.An attacker who successfully exploits this vulnerability could take complete control of an affected system, including the ability to install programs; view, change or delete data; or create new accounts with full user rights. Mitigating Factors An attacker has to convince the user to open a malicious attachment contained in an email message.An attacker has to convince the user to open a malicious attachment contained in an email message. Additional Information Windows Vista, Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by this vulnerability.Windows Vista, Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by this vulnerability.

12 Dial In Number 1-800-227-8104 PIN: 1056 MS11-094: Vulnerabilities In Microsoft PowerPoint Could Allow Remote Code Execution (2639142) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-3396Important11 Remote Code Execution Cooperatively Disclosed CVE-2011-3413ImportantN/A2 Remote Code Execution Cooperatively Disclosed Affected Products Office 2007, Office 2010, Office 2008 for Mac, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, PowerPoint Viewer 2007 Affected Components PowerPoint Deployment Priority 2 Main Target Workstations Possible Attack Vectors CVE-2011-3396:CVE-2011-3396: In a network attack scenario, an attacker could place a legitimate file and a specially crafted DLL file in a network share, a UNC, or WebDAV location and then convince the user to open the file.In a network attack scenario, an attacker could place a legitimate file and a specially crafted DLL file in a network share, a UNC, or WebDAV location and then convince the user to open the file. In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a legitimate file attachment to a user, and convincing the user to place the attachment into a directory containing a specially crafted DLL file and to open the legitimate file.In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a legitimate file attachment to a user, and convincing the user to place the attachment into a directory containing a specially crafted DLL file and to open the legitimate file. CVE-2011-3413:CVE-2011-3413: In a Web-based attack scenario, an attacker would have to convince users to visit the Web site and open the specially crafted PowerPoint fileIn a Web-based attack scenario, an attacker would have to convince users to visit the Web site and open the specially crafted PowerPoint file In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted PowerPoint file to the user and convincing the user to open the file.In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted PowerPoint file to the user and convincing the user to open the file. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user.An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. Mitigating Factors The file sharing protocol, Server Message Block (SMB), is often disabled on the perimeter firewall. This limits the potential attack vectors for this vulnerability.The file sharing protocol, Server Message Block (SMB), is often disabled on the perimeter firewall. This limits the potential attack vectors for this vulnerability. An attacker cannot force a user to open a malicious file or to place files in a specific directory.An attacker cannot force a user to open a malicious file or to place files in a specific directory. Additional Information This bulletin is related to Security Advisory 2269637.This bulletin is related to Security Advisory 2269637.

13 Dial In Number 1-800-227-8104 PIN: 1056 MS11-095: Vulnerability In Active Directory Could Allow Remote Code Execution (2640045) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-3406Important11 Remote Code Execution Cooperatively Disclosed Affected Products Windows XP, Windows Server 2003 (Standard, Itanium, x64), Vista, Windows Server 2008 Standard and x64), Windows 7, Windows Server 2008 R2 x64 Affected Components ADAM, Active Directory, AD LDS Deployment Priority 2 Main Target Servers Possible Attack Vectors An attacker could run a specially crafted application that could exploit the vulnerability and take complete control over the affected system.An attacker could run a specially crafted application that could exploit the vulnerability and take complete control over the affected system. Impact of Attack An attacker who successfully exploited this vulnerability could take complete control of the affected system.An attacker who successfully exploited this vulnerability could take complete control of the affected system. Mitigating Factors In order to successfully exploit this vulnerability, an attacker must have member account credentials within the target Active Directory domain.In order to successfully exploit this vulnerability, an attacker must have member account credentials within the target Active Directory domain. Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

14 Dial In Number 1-800-227-8104 PIN: 1056 MS11-096: Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-3403ImportantN/A1 Remote Code Execution Cooperatively Disclosed Affected Products Microsoft Office 2003 SP3, Office 2004 for Mac Affected Components Excel Deployment Priority 2 Main Target Workstations Possible Attack Vectors In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Excel file to the user and by convincing the user to open the file.In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Excel file to the user and by convincing the user to open the file. In a Web-based attack scenario, an attacker would have to host a Web site that contains an Excel file that is used to attempt to exploit this vulnerability.In a Web-based attack scenario, an attacker would have to host a Web site that contains an Excel file that is used to attempt to exploit this vulnerability. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user.An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. Mitigating Factors An attacker would have no way to force users to visit these Web sites or to open malicious files.An attacker would have no way to force users to visit these Web sites or to open malicious files. Additional Information When the Office File Validation feature is enabled in Microsoft Excel 2003, malicious files attempting to exploit this issue are not opened automatically.When the Office File Validation feature is enabled in Microsoft Excel 2003, malicious files attempting to exploit this issue are not opened automatically.

15 Dial In Number 1-800-227-8104 PIN: 1056 MS11-097: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-3408Important11 Elevation of Privilege Cooperatively Disclosed Affected Products All supported versions of Windows and Windows Server Affected Components Windows Client/Server Run-time Subsystem (CSRSS) Deployment Priority 3 Main Target Workstations and Servers Possible Attack Vectors To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application designed to send a device event message to a higher-integrity process.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application designed to send a device event message to a higher-integrity process. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another process.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another process. Mitigating Factors An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

16 Dial In Number 1-800-227-8104 PIN: 1056 MS11-098: Vulnerability In Windows Kernel Could Allow Elevation of Privilege (2633171) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-2018Important11 Elevation of Privilege Cooperatively Disclosed Affected Products Windows XP, Windows Server 2003, Vista, Windows 7 Affected Components Kernel Deployment Priority 3 Main Target Workstations Possible Attack Vectors To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take complete control over an affected system.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take complete control over an affected system. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. Mitigating Factors An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.The vulnerability could not be exploited remotely or by anonymous users. Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

17 Dial In Number 1-800-227-8104 PIN: 1056 MS11-099: Cumulative Security Update For Internet Explorer (2618444) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-1992 Important33 Information Disclosure Cooperatively Disclosed CVE-2011-2019 Important1N/A Remote Code Execution Cooperatively Disclosed CVE-2011-3404ModerateN/AN/A Information Disclosure Cooperatively Disclosed Affected Products IE6, IE7, IE 8 and IE 9 on all supported versions of Windows clients. IE6, IE7, IE 8 and IE 9 on all supported versions of Windows servers. Affected Components Internet Explorer Deployment Priority 2 Main Target Workstations Possible Attack Vectors CVE-2011-1992 & CVE-2011-3404:CVE-2011-1992 & CVE-2011-3404: Browse and Own: An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the Web site.Browse and Own: An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the Web site. CVE 2011-2019:CVE 2011-2019: An attacker could exploit a vulnerability that exists in the way Internet Explorer loads libraries.An attacker could exploit a vulnerability that exists in the way Internet Explorer loads libraries. Impact of Attack CVE-2011-1992 & CVE-2011-3404:CVE-2011-1992 & CVE-2011-3404: An attacker could view content from another domain or Internet Explorer zone.An attacker could view content from another domain or Internet Explorer zone. CVE-2011-2019:CVE-2011-2019: An attacker could take complete control of an affected system, including installing programs, view, change or delete data, or create new accounts with full user rights.An attacker could take complete control of an affected system, including installing programs, view, change or delete data, or create new accounts with full user rights. Mitigating Factors The Server Message Block (SMB) is often disabled on the perimeter firewall. This limits the potential attack vectors for this vulnerability.The Server Message Block (SMB) is often disabled on the perimeter firewall. This limits the potential attack vectors for this vulnerability. An attacker could not force a user to visit a specially crafted site.An attacker could not force a user to visit a specially crafted site. Additional Information Installations using Server Core are not affected.Installations using Server Core are not affected.

18 Dial In Number 1-800-227-8104 PIN: 1056 Detection & Deployment # Microsoft Office Pinyin SimpleFast Style Available Through Download Center * Except For Windows XP Media Center Edition 2005 SP3 ** Except For Office 2008 For Mac *** Except For Office 2004 For Mac

19 Dial In Number 1-800-227-8104 PIN: 1056 Other Update Information

20 Dial In Number 1-800-227-8104 PIN: 1056 Windows Malicious Software Removal Tool (MSRT) During this release Microsoft will increase detection capability for the following families in the MSRT:During this release Microsoft will increase detection capability for the following families in the MSRT: –Win32/Helompy: This is an AutoIt worm that propagates via removable drives, network share, email, and IM. It aims to steal Web credentials for various services, including Facebook, eBay, and Gmail. The worm contacts a remote host in order to download arbitrary files and to upload stolen personal information. Win32/Helompy: Available as a priority update through Windows Update or Microsoft Update.Available as a priority update through Windows Update or Microsoft Update. Is offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove.Is offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove. www.microsoft.com/malwareremove

21 Dial In Number 1-800-227-8104 PIN: 1056 Resources Blogs Microsoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrcMicrosoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrc www.blogs.technet.com/msrc Security Research & Defense blog: http://blogs.technet.com/srdSecurity Research & Defense blog: http://blogs.technet.com/srd http://blogs.technet.com/srd Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/ http://blogs.technet.com/mmpc/ Twitter @MSFTSecResponse@MSFTSecResponse Security Centers Microsoft Security Home Page: www.microsoft.com/securityMicrosoft Security Home Page: www.microsoft.com/security www.microsoft.com/security TechNet Security Center: www.microsoft.com/technet/securityTechNet Security Center: www.microsoft.com/technet/security www.microsoft.com/technet/security MSDN Security Developer Center: http://msdn.microsoft.com/en-us/security/default.aspxMSDN Security Developer Center: http://msdn.microsoft.com/en-us/security/default.aspx http://msdn.microsoft.com/en-us/security/default.aspx Bulletins, Advisories, Notifications & Newsletters Security Bulletins Summary: www.microsoft.com/technet/security/bulletin/summary. mspxSecurity Bulletins Summary: www.microsoft.com/technet/security/bulletin/summary. mspx www.microsoft.com/technet/security/bulletin/summary. mspx www.microsoft.com/technet/security/bulletin/summary. mspx Security Bulletins Search: www.microsoft.com/technet/security/current.aspxSecurity Bulletins Search: www.microsoft.com/technet/security/current.aspx www.microsoft.com/technet/security/current.aspx Security Advisories: www.microsoft.com/technet/security/advisory/Security Advisories: www.microsoft.com/technet/security/advisory/ www.microsoft.com/technet/security/advisory/ Microsoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify.mspxMicrosoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify.mspx www.microsoft.com/technet/security/bulletin/notify.mspx Microsoft Security Newsletter: www.microsoft.com/technet/security/secnewsMicrosoft Security Newsletter: www.microsoft.com/technet/security/secnews www.microsoft.com/technet/security/secnews Other Resources Update Management Process http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspxUpdate Management Process http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspx Microsoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/partners. mspxMicrosoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/partners. mspx http://www.microsoft.com/security/msrc/mapp/partners. mspx http://www.microsoft.com/security/msrc/mapp/partners. mspx

22 Dial In Number 1-800-227-8104 PIN: 1056 Questions and Answers Submit text questions using the “Ask” button.Submit text questions using the “Ask” button. Don’t forget to fill out the survey.Don’t forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrcA recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrc http://blogs.technet.com/msrc Register for next month’s webcast at: http://microsoft.com/technet/security/current.aspxRegister for next month’s webcast at: http://microsoft.com/technet/security/current.aspx http://microsoft.com/technet/security/current.aspx

23 Dial In Number 1-800-227-8104 PIN: 1056

Download ppt "Dial In Number 1-800-227-8104 PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft."

Similar presentations

Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.

Dial In Number Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.
Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.
Dial In Number 1-800-227-8104 Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Dial In Number Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.
NETOP REMOTE CONTROL What’s new in version 9.5? DECEMBER 09 NETOP REMOTE CONTROL1.

NETOP REMOTE CONTROL What’s new in version 9.5? DECEMBER 09 NETOP REMOTE CONTROL1.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Information for Developers Windows XP Service Pack 2 Information for Developers.

Information for Developers Windows XP Service Pack 2 Information for Developers.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 8 Introduction to Printers in a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 8 Introduction to Printers in a Windows Server 2008 Network.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Monthly Security Bulletin Briefing

Monthly Security Bulletin Briefing
Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.
SP2 Mikael Nystrom. Agenda Översikt Installation.

SP2 Mikael Nystrom. Agenda Översikt Installation.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.

Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Dial In Number 1-800-227-8104 Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.

Dial In Number Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.
Module 16: Software Maintenance Using Windows Server Update Services.

Module 16: Software Maintenance Using Windows Server Update Services.
Dial In Number 1-800-229-0449 Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.

Dial In Number Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.
To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.

11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.

Similar presentations

Ads by Google