Microsoft Security Response Center Blog Alerts

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.

For the second in this series of blog entries we want to look into which vulnerability reports make it into the monthly release cadence. It may help to start with some history.  In September 2003 we made a change from a release anytime approach to a mostly predictable, monthly release cadence.  October 2003 ushered in…

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.

This is the first of a series of blog entries to give some insight into the Microsoft Security Response Center (MSRC) business and how we work with security researchers and vulnerability reports.

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.  

Revision Note: V3.0 (January 9, 2018): Microsoft has released an update for all supported editions of Microsoft Excel that allows users to set the functionality of the DDE protocol based on their environment. For more information and to download the update, see ADV170021.
Summary: Microsoft is releasing this security advisory to provide information regarding security settings for Microsoft Office applications. This advisory provides guidance on what users can do to ensure that these applications are properly secured when processing Dynamic Data Exchange (DDE) fields.

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.

Revision Note: V1.0 (December 12, 2017): Advisory published.
Summary: Microsoft is releasing this security advisory to provide information regarding security settings for the AD DS (Active Directory Domain Services) account used by Azure AD Connect for directory synchronization. This advisory also provides guidance on what on-premises AD administrators can do to ensure that the account is properly secured.

Revision Note: V1.0 (August 8, 2017): Advisory published.
Summary: Microsoft is releasing this security advisory to provide information regarding security settings for applications developed with the Microsoft Internet Explorer layout engine, also known as the Trident layout engine. This advisory also provides guidance on what developers and individuals can do to ensure that their applications hosting the WebBrowser Control are properly secured.

Revision Note: V1.0 (June 27, 2017): Advisory published.
Summary: Microsoft is releasing this security advisory to inform customers that a new version of Azure Active Directory (AD) Connect is available that addresses an Important security vulnerability.