Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dial In Number 1-800-227-8104 Pin: 0336 Information About Microsoft February 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Published byBryan Long Modified over 8 years ago

Similar presentations

Presentation on theme: "Dial In Number 1-800-227-8104 Pin: 0336 Information About Microsoft February 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft."— Presentation transcript:

1 Dial In Number 1-800-227-8104 Pin: 0336 Information About Microsoft February 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft Corporation Pete Voss Sr. Response Communications Manager Microsoft Corporation

2 Dial In Number 1-800-227-8104 Pin: 0336 Live Video Stream To receive our video stream in LiveMeeting:To receive our video stream in LiveMeeting: –Click on Voice & Video –Click the drop down next to the camera icon –Select Show Main Video

3 Dial In Number 1-800-227-8104 Pin: 0336 What We Will Cover Review of February 2012 Bulletin release information:Review of February 2012 Bulletin release information: –New Security Bulletins –Microsoft ® Windows ® Malicious Software Removal Tool –Information About Microsoft Windows Vista ResourcesResources Questions and Answers: Please Submit NowQuestions and Answers: Please Submit Now

4 Dial In Number 1-800-227-8104 Pin: 0336 Severity and Exploitability Index Exploitability Index 1 RISK 2 3 DP231321222 Severity Critical IMPACT Important Moderate Low MS12-008MS12-009MS12-010MS12-011MS12-012MS12-013MS12-014MS12-015MS12-016 Windows Internet Explorer Windows.NET & Silverlight Windows Windows Windows Office Office

5 Dial In Number 1-800-227-8104 Pin: 0336 Bulletin Deployment Priority

6 Dial In Number 1-800-227-8104 Pin: 0336 MS12-008: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-5046Critical22 Remote Code Execution Publicly Disclosed CVE-2012-0154Important11 Elevation of Privilege Cooperatively Disclosed Affected Products All supported versions of Windows and Windows Server (except those installed using Server Core) Windows Server 2008 x64 and Windows Server 2008 R2 when installed using Server Core Affected Components Kernel Mode Drivers Deployment Priority 2 Main Target Workstations and Servers Possible Attack Vectors CVE-2011-5046:CVE-2011-5046: Web-based: An attacker could host a specially crafted website that is designed to exploit this vulnerability.Web-based: An attacker could host a specially crafted website that is designed to exploit this vulnerability. Email based: an attacker could exploit the vulnerability by sending a specially crafted email message to the user and convincing the user to preview or open the email.Email based: an attacker could exploit the vulnerability by sending a specially crafted email message to the user and convincing the user to preview or open the email. Local: An attacker could also exploit this vulnerability by running a specially crafted application.Local: An attacker could also exploit this vulnerability by running a specially crafted application. CVE-2012-0154: To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability.CVE-2012-0154: To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability. Impact of Attack An attacker could run arbitrary code in kernel mode and take complete control of an affected system.An attacker could run arbitrary code in kernel mode and take complete control of an affected system. Mitigating Factors An attacker would have no way to force a user to visit a malicious website. (CVE-2011-5046)An attacker would have no way to force a user to visit a malicious website. (CVE-2011-5046) An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. (CVE-2012-0154) (CVE-2011-5046 for a local attack only)An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. (CVE-2012-0154) (CVE-2011-5046 for a local attack only) Additional Information Installations using Server Core are affected, excluding Server 2008 and Server 2008 R2 as noted above.Installations using Server Core are affected, excluding Server 2008 and Server 2008 R2 as noted above.

7 Dial In Number 1-800-227-8104 Pin: 0336 MS12-009: Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0148Important13 Elevation of Privilege Cooperatively Disclosed CVE-2012-0149ImportantNA1 Elevation of Privilege Cooperatively Disclosed Affected Products Windows XP x64, Windows Server 2003 (32bit, X64, Itanium), Vista x64, Windows Server 2008 (x64 and Itanium), Windows 7 x64, Windows Server 2008 R2 (x64 and Itanium) Affected Components Ancillary Function Driver Deployment Priority 3 Main Target Workstations Possible Attack Vectors An attacker who is able to log onto the targeted system could then run a specially crafted application that could exploit the vulnerability.An attacker who is able to log onto the targeted system could then run a specially crafted application that could exploit the vulnerability. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode and take complete control of an affected system.An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode and take complete control of an affected system. Mitigating Factors An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. For CVE-2012-0148, this vulnerability is not exploitable on 32-bit editions of Microsoft Windows.For CVE-2012-0148, this vulnerability is not exploitable on 32-bit editions of Microsoft Windows. Additional Information Installations using Server Core are affected.Installations using Server Core are affected. CVE-2012-0149 only affects versions of Windows Server 2003.CVE-2012-0149 only affects versions of Windows Server 2003.

8 Dial In Number 1-800-227-8104 Pin: 0336 MS12-010: Cumulative Security Update For Internet Explorer (2647516) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0010Moderate Information Disclosure Cooperatively Disclosed CVE-2012-0011Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-0012Important3NA Information Disclosure Cooperatively Disclosed CVE-2012-0155Critical1NA Remote Code Execution Cooperatively Disclosed Affected Products Internet Explorer 6, 7, 8, 9 on all supported versions of Windows (except IE 6 on Windows XP) Internet Explorer 7, 8, 9 on all supported versions of Windows Server; IE 6 on Windows XP (Pro, x64) IE 6 on Windows Server 2003 (Standard, x64, Itanium) Affected Components Internet Explorer Deployment Priority 1 Main Target Workstations Possible Attack Vectors Copy and Paste: An attacker could convince a user to perform a copy operation on some content displayed on this website, and then convince the user to paste this content into a target website. (CVE-2012-0010)Copy and Paste: An attacker could convince a user to perform a copy operation on some content displayed on this website, and then convince the user to paste this content into a target website. (CVE-2012-0010) Browse and Own: An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. (CVE-2012-0011, CVE-2012-0155)Browse and Own: An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. (CVE-2012-0011, CVE-2012-0155) Information Disclosure: An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. (CVE-2012-0012)Information Disclosure: An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. (CVE-2012-0012) Impact of Attack An attacker successfully exploiting this issue could view content from another domain or Internet Explorer zone. (CVE-2012-0010)An attacker successfully exploiting this issue could view content from another domain or Internet Explorer zone. (CVE-2012-0010) An attacker successfully exploiting this issue could gain the same user rights as a logged-on user. (CVE-2012-0011, CVE-2012-0155)An attacker successfully exploiting this issue could gain the same user rights as a logged-on user. (CVE-2012-0011, CVE-2012-0155) An attacker successfully exploiting this issue could view content from the Internet Explorer process memory. (CVE-2012-0012)An attacker successfully exploiting this issue could view content from the Internet Explorer process memory. (CVE-2012-0012) Mitigating Factors By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted sites zone.By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted sites zone. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.Enhanced Security ConfigurationEnhanced Security Configuration Additional Information Installations using Server Core are not affected.Installations using Server Core are not affected.

9 Dial In Number 1-800-227-8104 Pin: 0336 MS12-011: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0017Important1NA Elevation of Privilege Cooperatively Disclosed CVE-2012-0144Important1NA Elevation of Privilege Cooperatively Disclosed CVE-2012-0145Important1NA Elevation of Privilege Cooperatively Disclosed Affected Products Office SharePoint Server 2010, Office SharePoint Foundation 2010 Affected Components SharePoint Server Deployment Priority 3 Main Target Workstations connected to SharePoint Servers. Possible Attack Vectors E-mail based: An attacker could exploit the vulnerability by sending an e-mail message containing the specially crafted URL to the user of the targeted SharePoint site and by convincing the user to click on the specially crafted URL.E-mail based: An attacker could exploit the vulnerability by sending an e-mail message containing the specially crafted URL to the user of the targeted SharePoint site and by convincing the user to click on the specially crafted URL. Web based: An attacker would have to host a Web site that contains a specially crafted URL to the targeted SharePoint site that is used to attempt to exploit this vulnerability.Web based: An attacker would have to host a Web site that contains a specially crafted URL to the targeted SharePoint site that is used to attempt to exploit this vulnerability. Impact of Attack An attacker who successfully exploited this vulnerability could read content that the attacker is not authorized to read or use the victim's identity to take actions on the SharePoint site on behalf of the victim.An attacker who successfully exploited this vulnerability could read content that the attacker is not authorized to read or use the victim's identity to take actions on the SharePoint site on behalf of the victim. Mitigating Factors Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 prevents this attack in the Internet Zone.Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 prevents this attack in the Internet Zone. the attacker would not be able to steal the logged-on user's authentication credentials due to the way that SharePoint Server handles the HttpOnly authentication cookie.the attacker would not be able to steal the logged-on user's authentication credentials due to the way that SharePoint Server handles the HttpOnly authentication cookie. Additional Information This update includes a defense-in-depth update to help improve Microsoft SharePoint's handling of web services access controls.This update includes a defense-in-depth update to help improve Microsoft SharePoint's handling of web services access controls.

10 Dial In Number 1-800-227-8104 Pin: 0336 MS12-012: Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2010-5082Important11 Remote Code Execution Publicly Disclosed Affected Products All supported versions of Windows Server 2008 and Windows Server 2008 R2 Affected Components Color Control Panel Deployment Priority 2 Main Target Servers Possible Attack Vectors An attacker could exploit the vulnerability by sending a legitimate file to a user (such as a.icm or.icc file), and convincing the user to place the attachment into a directory containing a specially crafted DLL file and to open the legitimate file.An attacker could exploit the vulnerability by sending a legitimate file to a user (such as a.icm or.icc file), and convincing the user to place the attachment into a directory containing a specially crafted DLL file and to open the legitimate file. An attacker could place a legitimate file (such as a.icm or.icc file) and a specially crafted DLL file in a network share, a UNC, or WebDAV location and then convince the user to open the file.An attacker could place a legitimate file (such as a.icm or.icc file) and a specially crafted DLL file in a network share, a UNC, or WebDAV location and then convince the user to open the file. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user.An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. Mitigating Factors The file sharing protocol, Server Message Block (SMB), is often disabled on the perimeter firewall.The file sharing protocol, Server Message Block (SMB), is often disabled on the perimeter firewall. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as a.icm or.icc file).For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as a.icm or.icc file). Additional Information Installations using Server Core are not affected.Installations using Server Core are not affected. This vulnerability is related to the class of vulnerabilities, described in Microsoft Security Advisory 2269637.This vulnerability is related to the class of vulnerabilities, described in Microsoft Security Advisory 2269637.Microsoft Security Advisory 2269637Microsoft Security Advisory 2269637

11 Dial In Number 1-800-227-8104 Pin: 0336 MS12-013: Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0150Critical11 Remote Code Execution Cooperatively Disclosed Affected Products All supported versions of Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 Affected Components C Run-Time Library Deployment Priority 1 Main Target Workstations and Servers Possible Attack Vectors Email-based: An unauthenticated attacker could exploit the vulnerability by sending a user an email message containing a specially crafted media file and convincing the user to open the media file.Email-based: An unauthenticated attacker could exploit the vulnerability by sending a user an email message containing a specially crafted media file and convincing the user to open the media file. Web-based attack scenario, an attacker would have to host a website that contains a specially crafted media file.Web-based attack scenario, an attacker would have to host a website that contains a specially crafted media file. Impact of Attack An unauthenticated attacker could take complete control of the affected system.An unauthenticated attacker could take complete control of the affected system. Mitigating Factors An attacker would have no way to force users to visit a malicious website.An attacker would have no way to force users to visit a malicious website. Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

12 Dial In Number 1-800-227-8104 Pin: 0336 MS12-014: Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2010-3138ImportantNA1 Remote Code Execution Publicly Disclosed Affected Products Windows XP Affected Components Indeo Codec Deployment Priority 2 Main Target Workstations Possible Attack Vectors Email-based: An attacker could exploit the vulnerability by sending a legitimate file to a user (such as an.avi file), and convincing the user to place the attachment into a directory containing a specially crafted DLL file and to open the legitimate file.Email-based: An attacker could exploit the vulnerability by sending a legitimate file to a user (such as an.avi file), and convincing the user to place the attachment into a directory containing a specially crafted DLL file and to open the legitimate file. Network-based: An attacker could place a legitimate file (such as an.avi file) and a specially crafted DLL file in a network share, a UNC, or WebDAV location and then convince the user to open the file.Network-based: An attacker could place a legitimate file (such as an.avi file) and a specially crafted DLL file in a network share, a UNC, or WebDAV location and then convince the user to open the file. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user.An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. Mitigating Factors The file sharing protocol, Server Message Block (SMB), is often disabled on the perimeter firewall.The file sharing protocol, Server Message Block (SMB), is often disabled on the perimeter firewall. A user must visit an untrusted remote file system location or WebDAV share and open a media file.A user must visit an untrusted remote file system location or WebDAV share and open a media file. Additional Information The Indeo Codec Insecure Library Loading Vulnerability (CVE-2010-3138) addressed by this update is related to the class of vulnerabilities described in Microsoft Security Advisory 2269637.The Indeo Codec Insecure Library Loading Vulnerability (CVE-2010-3138) addressed by this update is related to the class of vulnerabilities described in Microsoft Security Advisory 2269637.Microsoft Security Advisory 2269637Microsoft Security Advisory 2269637

13 Dial In Number 1-800-227-8104 Pin: 0336 MS12-015: Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0019Important1NA Remote Code Execution Cooperatively Disclosed CVE-2012-0020Important1NA Remote Code Execution Cooperatively Disclosed CVE-2012-0136Important3NA Remote Code Execution Cooperatively Disclosed CVE-2012-0137Important3NA Remote Code Execution Cooperatively Disclosed CVE-2012-0138Important3NA Remote Code Execution Cooperatively Disclosed Affected Products Visio Viewer 2010 Affected Components Visio Viewer Deployment Priority 2 Main Target Workstations Possible Attack Vectors Email-based: An attacker could exploit the vulnerability by sending a specially crafted Visio file to the user and by convincing the user to open the file.Email-based: An attacker could exploit the vulnerability by sending a specially crafted Visio file to the user and by convincing the user to open the file. Web-based: An attacker would have to host a website that contains a specially crafted Visio file that is used to attempt to exploit this vulnerability.Web-based: An attacker would have to host a website that contains a specially crafted Visio file that is used to attempt to exploit this vulnerability. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user.An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. Mitigating Factors By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted sites zone.By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted sites zone. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration.Enhanced Security ConfigurationEnhanced Security Configuration

14 Dial In Number 1-800-227-8104 Pin: 0336 MS12-016: Vulnerabilities in.NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2663841) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0014Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-0015CriticalNA1 Remote Code Execution Publicly Disclosed Affected Products Silverlight 4 on Windows Clients, Servers, and on Mac; all supported versions of.Net Framework on all supported versions of Windows and Windows Server (except for.Net Framework 1.1 and 3.5) Affected Components.NET Framework and Silverlight Deployment Priority 2 Main Target Workstations, Servers, and Web Hosting sites Possible Attack Vectors An attacker could host a specially crafted website that contains a specially crafted XBAP (XAML browser application) that could exploit this vulnerability and then convince a user to view the website.An attacker could host a specially crafted website that contains a specially crafted XBAP (XAML browser application) that could exploit this vulnerability and then convince a user to view the website. If a web hosting environment allows users to upload custom ASP.NET applications, an attacker could upload a malicious ASP.NET application that uses this vulnerability.If a web hosting environment allows users to upload custom ASP.NET applications, an attacker could upload a malicious ASP.NET application that uses this vulnerability. This vulnerability could also be used by Windows.NET applications to bypass Code Access Security (CAS) restrictions.This vulnerability could also be used by Windows.NET applications to bypass Code Access Security (CAS) restrictions. Impact of Attack Web browsing: An attacker could obtain the same permissions as the currently logged-on user.Web browsing: An attacker could obtain the same permissions as the currently logged-on user. Web hosting: An attacker could obtain the same permissions as the service account associated with the application pool identity of the application pool in which a Microsoft.NET application is running.Web hosting: An attacker could obtain the same permissions as the service account associated with the application pool identity of the application pool in which a Microsoft.NET application is running. Mitigating Factors By default, partial trust ASP.NET applications are not granted SocketPermission.By default, partial trust ASP.NET applications are not granted SocketPermission. An attacker must have permission to upload arbitrary ASP.NET pages to a website and ASP.NET must be installed on that web server.An attacker must have permission to upload arbitrary ASP.NET pages to a website and ASP.NET must be installed on that web server. Additional Information NET Framework 4 and.NET Framework 4 Client Profile affected.NET Framework 4 and.NET Framework 4 Client Profile affected. Installations using Server Core are affected for.Net but not affected for Silverlight.Installations using Server Core are affected for.Net but not affected for Silverlight.

15 Dial In Number 1-800-227-8104 Pin: 0336 Detection & Deployment 1. Except for Silverlight when installed on Mac

16 Dial In Number 1-800-227-8104 Pin: 0336 Other Update Information

17 Dial In Number 1-800-227-8104 Pin: 0336 Windows Malicious Software Removal Tool (MSRT) During this release Microsoft will increase detection capability for the following families in the MSRT:During this release Microsoft will increase detection capability for the following families in the MSRT: – –Win32/Pramro: A prevalent trojan that is often used by attackers to create a proxy to hide the origin of a bigger attack scheme; it also sends spam email. Win32/Pramro – –Win32/Fareit: A prevalent trojan that steals password, computer and user credentials, and has been observed dropping rogues and bots.Win32/Fareit Available as a priority update through Windows Update or Microsoft Update.Available as a priority update through Windows Update or Microsoft Update. Is offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove.Is offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove. www.microsoft.com/malwareremove

18 Dial In Number 1-800-227-8104 Pin: 0336 TechNet is changing! Soon: In late February,In late February, http://technet.microsoft.com/en-us/security/bulletin will be streamlined for easier usehttp://technet.microsoft.com/en-us/security/bulletin Product and service pack dropdown controls will be merged Affected Software lists will be removed from search results New lifecycle information for the Windows, Windows Server, and IE TechCentersLater: This spring, the Product Search and Search by KB tabs will be merged Customers will be able to search by bulletin, CVE, or KB number Information on all bulletins released since 2000 will be downloadable in spreadsheet form The Date control will be modified to allow specific start / end dates The Severity filter will be removed to simplify searches

19 Dial In Number 1-800-227-8104 Pin: 0336 We support Microsoft Windows Vista We have received inquiries about the date for the end of Mainstream support for some editions of Windows Vista. We can confirm that all editions of Vista will exit Mainstream support in April 2012, entering the Extended support phase. In Extended support, users of currently supported editions of Vista Business, Vista Enterprise, Vista Home and Vista Ultimate will continue to receive security updates for five years. Vista SP1 has been out of support since July 2011 and remains out of support. Halo 2 for Windows Vista is nearing the end of its lifecycle and will be taken out of support on October 9, 2012.

20 Dial In Number 1-800-227-8104 Pin: 0336 Resources Blogs Microsoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrcMicrosoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrc www.blogs.technet.com/msrc Security Research & Defense blog: http://blogs.technet.com/srdSecurity Research & Defense blog: http://blogs.technet.com/srd http://blogs.technet.com/srd Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/ http://blogs.technet.com/mmpc/ Twitter @MSFTSecResponse@MSFTSecResponse Security Centers Microsoft Security Home Page: www.microsoft.com/securityMicrosoft Security Home Page: www.microsoft.com/security www.microsoft.com/security TechNet Security Center: www.microsoft.com/technet/securityTechNet Security Center: www.microsoft.com/technet/security www.microsoft.com/technet/security MSDN Security Developer Center: http://msdn.microsoft.com/en-us/security/default.aspxMSDN Security Developer Center: http://msdn.microsoft.com/en-us/security/default.aspx http://msdn.microsoft.com/en-us/security/default.aspx Bulletins, Advisories, Notifications & Newsletters Security Bulletins Summary: www.microsoft.com/technet/security/bulletin/summary. mspxSecurity Bulletins Summary: www.microsoft.com/technet/security/bulletin/summary. mspx www.microsoft.com/technet/security/bulletin/summary. mspx www.microsoft.com/technet/security/bulletin/summary. mspx Security Bulletins Search: www.microsoft.com/technet/security/current.aspxSecurity Bulletins Search: www.microsoft.com/technet/security/current.aspx www.microsoft.com/technet/security/current.aspx Security Advisories: www.microsoft.com/technet/security/advisory/Security Advisories: www.microsoft.com/technet/security/advisory/ www.microsoft.com/technet/security/advisory/ Microsoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify.mspxMicrosoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify.mspx www.microsoft.com/technet/security/bulletin/notify.mspx Microsoft Security Newsletter: www.microsoft.com/technet/security/secnewsMicrosoft Security Newsletter: www.microsoft.com/technet/security/secnews www.microsoft.com/technet/security/secnews Other Resources Update Management Process http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspxUpdate Management Process http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspx Microsoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/partners. mspxMicrosoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/partners. mspx http://www.microsoft.com/security/msrc/mapp/partners. mspx http://www.microsoft.com/security/msrc/mapp/partners. mspx

21 Dial In Number 1-800-227-8104 Pin: 0336 Questions and Answers Submit text questions using the “Ask” button.Submit text questions using the “Ask” button. Don’t forget to fill out the survey.Don’t forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrcA recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrc http://blogs.technet.com/msrc Register for next month’s webcast at: http://microsoft.com/technet/security/current.aspxRegister for next month’s webcast at: http://microsoft.com/technet/security/current.aspx http://microsoft.com/technet/security/current.aspx

22 Dial In Number 1-800-227-8104 Pin: 0336

Download ppt "Dial In Number 1-800-227-8104 Pin: 0336 Information About Microsoft February 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft."

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.

Dial In Number Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.
Services Course Windows Live SkyDrive Participant Guide.

Services Course Windows Live SkyDrive Participant Guide.
1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.

1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.
Dial In Number 1-800-227-8104 Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Dial In Number Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Monthly Security Bulletin Briefing

Monthly Security Bulletin Briefing
1 Chapter Overview Introduction to Windows XP Professional Printing Setting Up Network Printers Connecting to Network Printers Configuring Network Printers.

1 Chapter Overview Introduction to Windows XP Professional Printing Setting Up Network Printers Connecting to Network Printers Configuring Network Printers.
Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.
SP2 Mikael Nystrom. Agenda Översikt Installation.

SP2 Mikael Nystrom. Agenda Översikt Installation.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.

Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Dial In Number 1-800-227-8104 Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.

Dial In Number Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.
Dial In Number 1-800-229-0449 Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.

Dial In Number Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.
Dial In Number 1-800-227-8104 PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Dial In Number PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft.
To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

Similar presentations

Ads by Google