The Microsoft Security Response Center (MSRC) Updated : Information on Microsoft Security Advisory 961509 Hi everyone. This is Maarten Van Horenbeeck. I just joined the Microsoft Security Response Center a few months ago, and am the program manager working on the issue described in Microsoft Security Advisory (961509), which we just released.   Earlier today, two researchers presented at a security conference on a novel way of implementing collision attacks on digital certificates signed using the MD5 algorithm. Attacks on MD5 have been known for some time, but were never considered to be very ... Publ.Date : Tue, 30 Dec 2008 18:08:00 GMT Questions about Vulnerability Claim in Windows Media Player Happy holidays to everyone. While it’s been a snowy holiday season for us in the Pacific Northwest (some of us are still snowed in), the MSRC never closes and we are always working to help keep customers safe. In that vein, we’ve received some questions about a vulnerability report that was initially posted late on Christmas eve.  When we saw it we set our teams to work over the holidays to investigate it. They’ve wrapped up their investigation and since we’ve gotten questions on it... Publ.Date : Mon, 29 Dec 2008 20:02:00 GMT Tuesday 12/23 Update: Microsoft Security Advisory 961040 Hello, Bill here,   I want to provide you with a quick update regarding our recently released security advisory.   In the advisory we provide a workaround to help customers protect themselves from attackers trying to exploit this vulnerability.  Customers have told us that it’s helpful when we provide information and guidance on how to automate the deployment of workarounds, so we have taken this a step further and worked with the SQL Engineering Team to providing Enterprise an... Publ.Date : Wed, 24 Dec 2008 00:51:00 GMT Microsoft Security Advisory 961040 Hello, Bill here,   I wanted to let you know that we have just posted Microsoft Security Advisory (961040). This advisory contains information regarding public reports of a vulnerability in SQL Server that could allow for remote code execution. We are aware that exploit code has been published on the Internet; however, we are not aware of any attacks attempting to use the reported vulnerability.   To successfully exploit this vulnerability an attacker must be local, or remote, authent... Publ.Date : Mon, 22 Dec 2008 23:34:00 GMT MS08-078 Released Hello, Mike here, Today we released security update MS08-078, protecting customers from active attacks against Internet Explorer.   This update will be applied automatically to hundreds of millions of customers through automatic updates over the next few days.  And, for our enterprise customers - with multiple systems within their networks – this update can be deployed through all standard security update management systems including, SCCM, SMS, WSUS, and Windows Update as of 10... Publ.Date : Wed, 17 Dec 2008 19:28:00 GMT RSS feeds Increased Web Site Traffic