Recently Published

November 2009

Security Bulletins

• Microsoft Security Bulletin Summary for November 2009
  
• Microsoft Security Bulletin MS09-068
  

  Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307)

• Microsoft Security Bulletin MS09-067
  

  Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)

• Microsoft Security Bulletin MS09-066
  

  Vulnerability in Active Directory Could Allow Denial of Service (973309)

• Microsoft Security Bulletin MS09-065
  

  Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)

• Microsoft Security Bulletin MS09-064
  

  Vulnerability in License Logging Server Could Allow Remote Code Execution (974783)

• Microsoft Security Bulletin MS09-063
  

  Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565)

October 2009

Security Bulletins

• Microsoft Security Bulletin Summary for October 2009
  
• Microsoft Security Bulletin MS09-062
  

  Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)

• Microsoft Security Bulletin MS09-061
  

  Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)

• Microsoft Security Bulletin MS09-060
  

  Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow
  Remote Code Execution (973965)

• Microsoft Security Bulletin MS09-059
  

  Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)

• Microsoft Security Bulletin MS09-058
  

  Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)

• Microsoft Security Bulletin MS09-057
  

  Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)

• Microsoft Security Bulletin MS09-056
  

  Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)

• Microsoft Security Bulletin MS09-055
  

  Cumulative Security Update of ActiveX Kill Bits (973525)

• Microsoft Security Bulletin MS09-054
  

  Cumulative Security Update for Internet Explorer (974455)

• Microsoft Security Bulletin MS09-053
  

  Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)

• Microsoft Security Bulletin MS09-052
  

  Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)

• Microsoft Security Bulletin MS09-051
  

  Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)

• Microsoft Security Bulletin MS09-050
  

  Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)

Other Security-Related Content

• Security Tip of the Month – October 2009
  

  Using BinScope Binary Analyzer to Improve Code Security

September 2009

Security Bulletins

• Microsoft Security Bulletin Summary for September 2009
  
• Microsoft Security Bulletin MS09-049
  

  Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution (970710)

• Microsoft Security Bulletin MS09-048
  

  Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (967723)

• Microsoft Security Bulletin MS09-047
  

  Vulnerabilities in Windows Media Format Could Allow Remote Code Execution (973812)

• Microsoft Security Bulletin MS09-046
  

  Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (956844)

• Microsoft Security Bulletin MS09-045
  

  Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961)

Other Security-Related Content

• Learning Path: Planning Security Into Your Cloud Strategy
  

August 2009

Security Bulletins

• Microsoft Security Bulletin Summary for August 2009
  
• Microsoft Security Bulletin MS09-044
  

  Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927)

• Microsoft Security Bulletin MS09-043
  

  Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638)

• Microsoft Security Bulletin MS09-042
  

  Vulnerability in Telnet Could Allow Remote Code Execution (960859)

• Microsoft Security Bulletin MS09-041
  

  Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)

• Microsoft Security Bulletin MS09-040
  

  Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032)
  

• Microsoft Security Bulletin MS09-039
  

  Vulnerabilities in WINS Could Allow Remote Code Execution (969883)
  

• Microsoft Security Bulletin MS09-038
  

  Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (971557)

• Microsoft Security Bulletin MS09-037
  

  Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)

• Microsoft Security Bulletin MS09-036
  

  Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service (970957)

July 2009

Security Bulletins

• Microsoft Security Bulletin Summary for July 2009
  
• Microsoft Security Bulletin MS09-035
  

  Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)

• Microsoft Security Bulletin MS09-034
  

  Cumulative Security Update for Internet Explorer (972260)

• Microsoft Security Bulletin MS09-033
  

  Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (969856)

• Microsoft Security Bulletin MS09-032
  

  Cumulative Security Update of ActiveX Kill Bits (973346)

• Microsoft Security Bulletin MS09-031
  

  Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege (970953)

• Microsoft Security Bulletin MS09-030
  

  Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (969516)

• Microsoft Security Bulletin MS09-029
  

  Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371)

• Microsoft Security Bulletin MS09-028
  

  Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633)

Other Security-Related Content

• Learning Path: Providing Security for an Evolving IT Infrastructure
  

June 2009

Security Bulletins

• Microsoft Security Bulletin Summary for June 2009
  
• Microsoft Security Bulletin MS09-027
  

  Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (969514)

• Microsoft Security Bulletin MS09-026
  

  Vulnerability in RPC Could Allow Elevation of Privilege (970238)

• Microsoft Security Bulletin MS09-025
  

  Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (968537)

• Microsoft Security Bulletin MS09-024
  

  Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632)

• Microsoft Security Bulletin MS09-023
  

  Vulnerability in Windows Search Could Allow Information Disclosure (963093)

• Microsoft Security Bulletin MS09-022
  

  Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)

• Microsoft Security Bulletin MS09-021
  

  Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)

• Microsoft Security Bulletin MS09-020
  

  Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)

• Microsoft Security Bulletin MS09-019
  

  Cumulative Security Update for Internet Explorer (969897)

• Microsoft Security Bulletin MS09-018
  

  Vulnerabilities in Active Directory Could Allow Remote Code Execution (971055)

Other Security-Related Content

• Security Viewpoint – June 2009
  

  What's New in Internet Explorer 8 (IE8) Security

• Security MVP Article of the Month – June 2009
  

  Securing the Client Infrastructure

May 2009

Security Bulletins

• Microsoft Security Bulletin Summary for May 2009
  
• Microsoft Security Bulletin MS09-017
  

  Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340)

Other Security-Related Content

• Security Viewpoint – May 2009
  

  Security Viewpoint: Impersonation and the Access Control List

April 2009

Security Bulletins

• Microsoft Security Bulletin Summary for April 2009
  
• Microsoft Security Bulletin MS09-016
  

  Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)

• Microsoft Security Bulletin MS09-015
  

  Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)

• Microsoft Security Bulletin MS09-014
  

  Cumulative Security Update for Internet Explorer (963027)

• Microsoft Security Bulletin MS09-013
  

  Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)

• Microsoft Security Bulletin MS09-012
  

  Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)

• Microsoft Security Bulletin MS09-011
  

  Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)

• Microsoft Security Bulletin MS09-010
  

  Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)

• Microsoft Security Bulletin MS09-009
  

  Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557)

Other Security-Related Content

• Security MVP Article – April 2009
  

  Data Validation – Step One in Improving the Security of Your Web Applications

March 2009

Security Bulletins

• Microsoft Security Bulletin Summary for March 2009
  
• Microsoft Security Bulletin MS09-008
  

  Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238)

• Microsoft Security Bulletin MS09-007
  

  Vulnerability in SChannel Could Allow Spoofing (960225)

• Microsoft Security Bulletin MS09-006
  

  Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)

Other Security-Related Content

• Hyper-V Security Guide
  
• Security Viewpoint – March 2009
  

  Windows 7 Security Enhancements

• Learning Path: Strengthening Content Management Security
  

February 2009

Security Bulletins

• Microsoft Security Bulletin Summary for February 2009
  
• Microsoft Security Bulletin MS09-005
  

  Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634)

• Microsoft Security Bulletin MS09-004
  

  Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)

• Microsoft Security Bulletin MS09-003
  

  Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)

• Microsoft Security Bulletin MS09-002
  

  Cumulative Security Update for Internet Explorer (961260)

Other Security-Related Content

• Conficker Worm: Protect Windows from Conficker.A and Conficker.B
  

January 2009

Security Bulletins

• Microsoft Security Bulletin Summary for January 2009
  
• Microsoft Security Bulletin MS09-001
  

  Vulnerabilities in SMB Could Allow Remote Code Execution (958687)

Other Security-Related Content

• Security MVP Article of the Month – January 2009
  

  Safeguarding Remote Access in a Connected World

December 2008

Security Bulletins

• Microsoft Security Bulletin Summary for December 2008
  
• Microsoft Security Bulletin MS08-078
  

  Security Update for Internet Explorer (960714)

• Microsoft Security Bulletin MS08-077
  

  Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175)

• Microsoft Security Bulletin MS08-076
  

  Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)

• Microsoft Security Bulletin MS08-075
  

  Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349)

• Microsoft Security Bulletin MS08-074
  

  Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)

• Microsoft Security Bulletin MS08-073
  

  Cumulative Security Update for Internet Explorer (958215)

• Microsoft Security Bulletin MS08-072
  

  Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)

• Microsoft Security Bulletin MS08-071
  

  Vulnerabilities in GDI Could Allow Remote Code Execution (956802)

• Microsoft Security Bulletin MS08-070
  

  Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)

Other Security-Related Content

• Security Tip of the Month – December 2008
  

  Security Considerations in High Performance Computing

November 2008

Security Bulletins

• Microsoft Security Bulletin Summary for November 2008
  
• Microsoft Security Bulletin MS08-069
  

  Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

• Microsoft Security Bulletin MS08-068
  

  Vulnerability in SMB Could Allow Remote Code Execution (957097)

Other Security-Related Content

• Learning Path: Securing Business Intelligence
  

October 2008

Security Bulletins

• Microsoft Security Bulletin Summary for October 2008
  
• Microsoft Security Bulletin MS08-067
  

  Vulnerability in Server Service Could Allow Remote Code Execution (958644)

• Microsoft Security Bulletin MS08-066
  

  Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege (956803)

• Microsoft Security Bulletin MS08-065
  

  Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)

• Microsoft Security Bulletin MS08-064
  

  Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841)

• Microsoft Security Bulletin MS08-063
  

  Vulnerability in SMB Could Allow Remote Code Execution (957095)

• Microsoft Security Bulletin MS08-062
  

  Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)

• Microsoft Security Bulletin MS08-061
  

  Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)

• Microsoft Security Bulletin MS08-060
  

  Vulnerability in Active Directory Could Allow Remote Code Execution (957280)

• Microsoft Security Bulletin MS08-059
  

  Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)

• Microsoft Security Bulletin MS08-058
  

  Cumulative Security Update for Internet Explorer (956390)

• Microsoft Security Bulletin MS08-057
  

  Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)

• Microsoft Security Bulletin MS08-056
  

  Vulnerability in Message Queuing Could Allow Remote Code Execution (951071)

Other Security-Related Content

• Learning Path: Securing the Client Infrastructure
  
• Security Viewpoint – October 2008
  

  Untangling the Confusion of Client Security

• Security Tip of the Month – October 2008
  

  Who, Where, When? Simple Tools for Auditing in the Enterprise

• Microsoft Exploitability Index
  

September 2008

Security Bulletins

• Microsoft Security Bulletin Summary for September 2008
  
• Microsoft Security Bulletin MS08-055
  

  Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)

• Microsoft Security Bulletin MS08-054
  

  Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)

• Microsoft Security Bulletin MS08-053
  

  Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)

• Microsoft Security Bulletin MS08-052
  

  Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)

Other Security-Related Content

• Learning Path: Reducing Application Complexity with Virtualization
  
• Security Viewpoint – September 2008
  

  Security in a Virtual World

• Security Tip of the Month – September 2008
  

  Planning for Hyper-V Security

August 2008

Security Bulletins

• Microsoft Security Bulletin Summary for August 2008
  
• Microsoft Security Bulletin MS08-051
  

  Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785)

• Microsoft Security Bulletin MS08-050
  

  Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)

• Microsoft Security Bulletin MS08-049
  

  Vulnerabilities in Event System Could Allow Remote Code Execution (950974)

• Microsoft Security Bulletin MS08-048
  

  Security Update for Outlook Express and Windows Mail (951066)

• Microsoft Security Bulletin MS08-047
  

  Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)

• Microsoft Security Bulletin MS08-046
  

  Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)

• Microsoft Security Bulletin MS08-045
  

  Cumulative Security Update for Internet Explorer (953838)

• Microsoft Security Bulletin MS08-044
  

  Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)

• Microsoft Security Bulletin MS08-043
  

  Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066)

• Microsoft Security Bulletin MS08-042
  

  Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)

• Microsoft Security Bulletin MS08-041
  

  Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617)

Other Security-Related Content

• Learning Path: Managing Controlled Partner Access and Outsourcing
  
• Security Tip of the Month – August 2008
  

  Fine Tune Your Security Audit Policies

July 2008

Security Bulletins

• Microsoft Security Bulletin Summary for July 2008
  
• Microsoft Security Bulletin MS08-040
  

  Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)

• Microsoft Security Bulletin MS08-039
  

  Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)

• Microsoft Security Bulletin MS08-038
  

  Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)

• Microsoft Security Bulletin MS08-037
  

  Vulnerabilities in DNS Could Allow Spoofing (953230)

Other Security-Related Content

• Learning Path: Identifying the Changing Threat Landscape
  
• Security Viewpoint – July 2008
  

  Inside the Windows Vista Kernel

June 2008

Security Bulletins

• Microsoft Security Bulletin Summary for June 2008
  
• Microsoft Security Bulletin MS08-036
  

  Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)

• Microsoft Security Bulletin MS08-035
  

  Vulnerability in Active Directory Could Allow Denial of Service (953235)

• Microsoft Security Bulletin MS08-034
  

  Vulnerability in WINS Could Allow Elevation of Privilege (948745)

• Microsoft Security Bulletin MS08-033
  

  Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)

• Microsoft Security Bulletin MS08-032
  

  Cumulative Security Update of ActiveX Kill Bits (950760)

• Microsoft Security Bulletin MS08-031
  

  Cumulative Security Update for Internet Explorer (950759)

• Microsoft Security Bulletin MS08-030
  

  Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)

Other Security-Related Content

• Learning Path: Simplifying the Management of Your Network Security
  
• Viewpoint - June 2008
  

  Understanding Defense in Depth

• Security MVP Article of the Month - June 2008
  

  Defense in Depth Using Microsoft Security Products and Solutions

May 2008

Security Bulletins

• Microsoft Security Bulletin Summary for May 2008
  
• Microsoft Security Bulletin MS08-029
  

  Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)

• Microsoft Security Bulletin MS08-028
  

  Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)

• Microsoft Security Bulletin MS08-027
  

  Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)

• Microsoft Security Bulletin MS08-026
  

  Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)

Other Security-Related Content

• Learning Path: Improving Database Security with SQL Server 2008
  
• Viewpoint - May 2008
  

  Security and Privacy: Twins of Different Mothers

• Security MVP Article of the Month - May 2008
  

  Privacy Issues - Business Disabler or Enabler?

April 2008

Security Bulletins

• Microsoft Security Bulletin Summary for April 2008
  
• Microsoft Security Bulletin MS08-025
  

  Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)

• Microsoft Security Bulletin MS08-024
  

  Cumulative Security Update for Internet Explorer (947864)

• Microsoft Security Bulletin MS08-023
  

  Security Update of ActiveX Kill Bits (948881)

• Microsoft Security Bulletin MS08-022
  

  Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)

• Microsoft Security Bulletin MS08-021
  

  Vulnerabilities in GDI Could Allow Remote Code Execution (948590)

• Microsoft Security Bulletin MS08-020
  

  Vulnerability in DNS Client Could Allow Spoofing (945553)

• Microsoft Security Bulletin MS08-019
  

  Vulnerability in Microsoft Visio Could Allow Remote Code Execution (949032)

• Microsoft Security Bulletin MS08-018
  

  Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)

Other Security-Related Content

• Learning Path: Securing Your Environment with Microsoft Forefront
  
• Microsoft BlueHat Security Briefings: Spring 2008 Sessions
  
• Security MVP Article of the Month - April 2008
  

  Security and Application Development in SharePoint: First Steps

• Security Tip of the Month - April 2008
  

  Laying the Foundation for the Microsoft Security Development Lifecycle: Implementing the Principles

• Viewpoint - April 2008
  

  Building Security into Windows Vista and the Microsoft Culture

March 2008

Security Bulletins

• Microsoft Security Bulletin Summary for March 2008
  
• Microsoft Security Bulletin MS08-017
  

  Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)

• Microsoft Security Bulletin MS08-016
  

  Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030)

• Microsoft Security Bulletin MS08-015
  

  Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (949031)

• Microsoft Security Bulletin MS08-014
  

  Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)

Other Security-Related Content

• Learning Path: Securing Your Environment by Collaborating Effectively
  
• Viewpoint - March 2008
  

  Providing Defense in Depth for Your Desktop Deployment Projects

• Security Tip of the Month - March 2008
  

  Initial Considerations for Secure Deployment

February 2008

Security Bulletins

• Microsoft Security Bulletin Summary for February 2008
  
• Microsoft Security Bulletin MS08-013
  

  Vulnerability in Microsoft Office Could Allow Remote Code Execution (947108)

• Microsoft Security Bulletin MS08-012
  

  Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (947085)

• Microsoft Security Bulletin MS08-011
  

  Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081)

• Microsoft Security Bulletin MS08-010
  

  Cumulative Security Update for Internet Explorer (944533)

• Microsoft Security Bulletin MS08-009
  

  Vulnerability in Microsoft Word Could Allow Remote Code Execution (947077)

• Microsoft Security Bulletin MS08-008
  

  Vulnerability in OLE Automation Could Allow Remote Code Execution (947890)

• Microsoft Security Bulletin MS08-007
  

  Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026)

• Microsoft Security Bulletin MS08-006
  

  Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830)

• Microsoft Security Bulletin MS08-005
  

  Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)

• Microsoft Security Bulletin MS08-004
  

  Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)

• Microsoft Security Bulletin MS08-003
  

  Vulnerability in Active Directory Could Allow Denial of Service (946538)

Other Security-Related Content

• Learning Path: Windows Server 2008: Security Overview
  
• Viewpoint - February 2008
  

  Supporting Your Family, Friends, and Neighbors

• Security MVP Article of the Month - February 2008
  

  Serving as Unofficial Security Support for Family and Friends

January 2008

Security Bulletins

• Microsoft Security Bulletin Summary for January 2008
  
• Microsoft Security Bulletin MS08-002
  

  Vulnerability in LSASS Could Allow Local Elevation of Privilege (943485)

• Microsoft Security Bulletin MS08-001
  

  Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (941644)

Other Security-Related Content

• Learning Path: Improving Network Compliance with Windows Server 2008 Network Access Protection
  
• Security MVP Article of the Month - January 2008
  

  Improve Security Through Meaningful Security Policies

• Viewpoint - January 2008
  

  Security Policies in the Application Development Process

December 2007

Security Bulletins

• Microsoft Security Bulletin Summary for December 2007
  
• Microsoft Security Bulletin MS07-069
  

  Cumulative Security Update for Internet Explorer (942615)

• Microsoft Security Bulletin MS07-068
  

  Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275)

• Microsoft Security Bulletin MS07-067
  

  Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653)

• Microsoft Security Bulletin MS07-066
  

  Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078)

• Microsoft Security Bulletin MS07-065
  

  Vulnerability in Message Queuing Could Allow Remote Code Execution (937894)

• Microsoft Security Bulletin MS07-064
  

  Vulnerabilities in DirectX Could Allow Remote Code Execution (941568)

• Microsoft Security Bulletin MS07-063
  

  Vulnerability in SMBv2 Could Allow Remote Code Execution (942624)

Other Security-Related Content

• Learning Path: Securing the Desktop Infrastructure
  
• Security MVP Article of the Month - December 2007
  

  Windows Server 2008 in an Organization's Defense in Depth Strategy

• Viewpoint - December 2007
  

  Server Security: Less is More

November 2007

Security Bulletins

• Microsoft Security Bulletin Summary for November 2007
  
• Microsoft Security Bulletin MS07-062
  

  Vulnerability in DNS Could Allow Spoofing (941672)

• Microsoft Security Bulletin MS07-061
  

  Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460)

Other Security-Related Content

• 2007 Microsoft Office Security Guide
  
• Learning Path: Managing Your Remote Devices
  
• Security MVP Article of the Month - November 2007
  

  Top 5 Exchange Server 2007 Security Best Practices

• Viewpoint - November 2007
  

  Risky Business: The Mobile Device Security Disconnect

• Security Tip of the Month - November 2007
  

  Anywhere Access and Mobile Security

October 2007

Security Bulletins

• Microsoft Security Bulletin Summary for October 2007
  
• Microsoft Security Bulletin MS07-060
  

  Vulnerability in Microsoft Word Could Allow Remote Code Execution (942695)

• Microsoft Security Bulletin MS07-059
  

  Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007 Could Result in Elevation of Privilege Within the SharePoint Site (942017)

• Microsoft Security Bulletin MS07-058
  

  Vulnerability in RPC Could Allow Denial of Service (933729)

• Microsoft Security Bulletin MS07-057
  

  Cumulative Security Update for Internet Explorer (939653)

• Microsoft Security Bulletin MS07-056
  

  Security Update for Outlook Express and Windows Mail (941202)

• Microsoft Security Bulletin MS07-055
  

  Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810)

Other Security-Related Content

• Learning Path: Protecting Your Data Records
  
• Security MVP Article of the Month - October 2007
  

  Be Secure When Interoping

• Viewpoint - October 2007
  

  When It Comes to Protection from Vulnerabilities, Process Trumps “Many Eyes”

• Security Tip of the Month - October 2007
  

  Securing the Gateway to Your Enterprise: Web Services

September 2007

Security Bulletins

• Microsoft Security Bulletin Summary for September 2007
  
• Microsoft Security Bulletin MS07-054
  

  Vulnerability in MSN Messenger and Windows Live Messenger Could Allow Remote Code Execution (942099)

• Microsoft Security Bulletin MS07-053
  

  Vulnerability in Windows Services for UNIX Could Allow Elevation of Privilege (939778)

• Microsoft Security Bulletin MS07-052
  

  Vulnerability in Crystal Reports for Visual Studio Could Allow Remote Code Execution (941522)

• Microsoft Security Bulletin MS07-051
  

  Vulnerability in Microsoft Agent Could Allow Remote Code Execution (938827)

Other Security-Related Content

• Learning Path: Managing Updates and Safeguarding Your Systems
  
• Microsoft BlueHat Security Briefings: Fall 2007 Sessions and Interviews
  
• Security MVP Article of the Month - September 2007
  

  Time-Based Blind SQL Injection with Heavy Queries

• Viewpoint - September 2007
  

  The “De-perimeterization” of Networks

• Security Tip of the Month - September 2007
  

  Adding “Kick” to Your Remote Access Security Policies with Intelligent Application Gateway 2007

August 2007

Security Bulletins

• Microsoft Security Bulletin Summary for August 2007
  
• Microsoft Security Bulletin MS07-050
  

  Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127)

• Microsoft Security Bulletin MS07-049
  

  Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986)

• Microsoft Security Bulletin MS07-048
  

  Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution (938123)

• Microsoft Security Bulletin MS07-047
  

  Vulnerability in Windows Media Player Could Allow Remote Code Execution (936782)

• Microsoft Security Bulletin MS07-046
  

  Vulnerability in GDI Could Allow Remote Code Execution (938829)

• Microsoft Security Bulletin MS07-045
  

  Cumulative Security Update for Internet Explorer (937143)

• Microsoft Security Bulletin MS07-044
  

  Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)

• Microsoft Security Bulletin MS07-043
  

  Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)

• Microsoft Security Bulletin MS07-042
  

  Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)

Other Security-Related Content

• Learning Path: Protecting Your Sensitive Data from Malware
  
• Security MVP Article of the Month - August 2007
  

  Role of Security in Infrastructure Optimization

• Viewpoint - August 2007
  

  Securing Data in Hosted Applications

• Security Tip of the Month - August 2007
  

  User Account Control and SQL Server

July 2007

Security Bulletins

• Microsoft Security Bulletin Summary for July 2007
  
• Microsoft Security Bulletin MS07-041
  

  Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution (939373)

• Microsoft Security Bulletin MS07-040
  

  Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)

• Microsoft Security Bulletin MS07-039
  

  Vulnerability in Windows Active Directory Could Allow Remote Code Execution (926122)

• Microsoft Security Bulletin MS07-038
  

  Vulnerability in Windows Vista Firewall Could Allow Information Disclosure (935807)

• Microsoft Security Bulletin MS07-037
  

  Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (936548)

• Microsoft Security Bulletin MS07-036
  

  Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (936542)

Other Security-Related Content

• Security Researcher Acknowledgments for Microsoft Online Services
  
• Security Guidance for Windows Server Update Services (WSUS)
  
• Malware Removal Starter Kit
  
• Learning Path: Managing Network Security Challenges
  
• Security MVP Article of the Month - July 2007
  

  Security Is a Business Requirement

• Viewpoint - July 2007
  

  Who Can You Trust to Help You Secure and Manage Your Microsoft IT Infrastructure?

• Security Tip of the Month - July 2007
  

  Six Easy Pieces for Computer Security

June 2007

Security Bulletins

• Microsoft Security Bulletin Summary for June 2007
  
• Microsoft Security Bulletin MS07-035
  

  Vulnerability in Win32 API Could Allow Remote Code Execution (935839)

• Microsoft Security Bulletin MS07-034
  

  Cumulative Security Update for Outlook Express and Windows Mail (929123)

• Microsoft Security Bulletin MS07-033
  

  Cumulative Security Update for Internet Explorer (933566)

• Microsoft Security Bulletin MS07-032
  

  Vulnerability in Windows Vista Could Allow Information Disclosure (931213)

• Microsoft Security Bulletin MS07-031
  

  Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840)

• Microsoft Security Bulletin MS07-030
  

  Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051)

Other Security-Related Content

• Security MVP Article of the Month - June 2007
  

  Securing Sensitive Information: Protecting Your Network Against Information Leakage

• Viewpoint - June 2007
  

  Protect Your Data-Everything Else Is Just Plumbing

• Security Tip of the Month - June 2007
  

  Read the EULA.... No, Really Read It

• Windows Server 2008 Security Guide: Executive Overview
  
• Learning Path: Reducing the Challenges and Complexities of Identity and Access Management
  

May 2007

Security Bulletins

• Microsoft Security Bulletin Summary for May 2007
  
• Microsoft Security Bulletin MS07-029
  

  Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution (935966)

• Microsoft Security Bulletin MS07-028
  

  Vulnerability in CAPICOM Could Allow Remote Code Execution (931906)

• Microsoft Security Bulletin MS07-027
  

  Cumulative Security Update for Internet Explorer (931768)

• Microsoft Security Bulletin MS07-026
  

  Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)

• Microsoft Security Bulletin MS07-025
  

  Vulnerability in Microsoft Office Could Allow Remote Code Execution (934873)

• Microsoft Security Bulletin MS07-024
  

  Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (934232)

• Microsoft Security Bulletin MS07-023
  

  Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233)

Other Security-Related Content

• Security MVP Article of the Month - May 2007
  

  Security Acumen: Business First

• Viewpoint - May 2007
  

  Enabling a Strategic IT Infrastructure with Microsoft Forefront and Microsoft System Center

• Security Tip of the Month - May 2007
  

  Improving Management of Client Anti-Malware Solutions

• Security Process Map
  
• Data Encryption Toolkit for Mobile PCs: Planning and Implementation Guide
  
• Data Encryption Toolkit for Mobile PCs: Microsoft Encrypting File System Assistant
  
• Microsoft BlueHat Security Briefings: Spring 2007 Sessions and Interviews
  
• Learning Path: Simplifying Security Infrastructure with Microsoft Forefront
  

April 2007

Security Bulletins

• Microsoft Security Bulletin Summary for April 2007
  
• Microsoft Security Bulletin MS07-022
  

  Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784)

• Microsoft Security Bulletin MS07-021
  

  Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178)

• Microsoft Security Bulletin MS07-020
  

  Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168)

• Microsoft Security Bulletin MS07-019
  

  Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261)

• Microsoft Security Bulletin MS07-018
  

  Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)

• Microsoft Security Bulletin MS07-017
  

  Vulnerabilities in GDI Could Allow Remote Code Execution (925902)

Other Security-Related Content

• Security MVP Article of the Month - April 2007
  

  Reliable Repositories: Using Microsoft Forefront Security for SharePoint to Defend Collaboration

• Viewpoint - April 2007
  

  A Fresh Look at Compliance in SharePoint Server 2007

• Security Tip of the Month - April 2007
  

  Making SharePoint Resources Safe for Remote Workers

• Data Encryption Toolkit for Mobile PCs - Security Analysis
  
• Learning Path: Securing Internal and External Access to Corporate Resources
  

March 2007

Security Bulletins

• Microsoft Security Bulletin Summary for March 2007
  

Other Security-Related Content

• Security MVP Article of the Month - March 2007
  

  Malicious Software: One Person's Perspective

• Viewpoint - March 2007
  

  Malware Revolution: A Change in Target

• Security Tip of the Month - March 2007
  

  Why Create a Security Incident Response Process

• Microsoft Office Visio 2007 Connector for the Microsoft Baseline Security Analyzer (MBSA) 2.0
  

  Available for MBSA 2.0, the connector lets you view the results of a Microsoft Baseline Security Analyzer scan in a clear, comprehensive Microsoft Office Visio 2007 network diagram.

• Learning Path: Securing Your Messaging Infrastructure
  

February 2007

Security Bulletins

• Microsoft Security Bulletin Summary for February 2007
  
• Microsoft Security Bulletin MS07-016
  

  Cumulative Security Update for Internet Explorer (928090)

• Microsoft Security Bulletin MS07-015
  

  Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (932554)

• Microsoft Security Bulletin MS07-014
  

  Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (929434)

• Microsoft Security Bulletin MS07-013
  

  Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution (918118)

• Microsoft Security Bulletin MS07-012
  

  Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667)

• Microsoft Security Bulletin MS07-011
  

  Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (926436)

• Microsoft Security Bulletin MS07-010
  

  Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution (932135)

• Microsoft Security Bulletin MS07-009
  

  Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution(927779)

• Microsoft Security Bulletin MS07-008
  

  Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843)

• Microsoft Security Bulletin MS07-007
  

  Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege (927802)

• Microsoft Security Bulletin MS07-006
  

  Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255)

• Microsoft Security Bulletin MS07-005
  

  Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (923723)

Other Security-Related Content

• Microsoft Baseline Security Analyzer 2.1
  
• Viewpoint - February 2007
  

  The Evolution of Identity

• Security MVP Article of the Month - February 2007
  

  Deploying RMS into a Large Enterprise

• Security Tip of the Month - February 2007
  

  Updating Your Deployment with RMS SP2

January 2007

Security Bulletins

• Microsoft Security Bulletin Summary for January 2007
  
• Microsoft Security Bulletin MS07-004
  

  Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)

• Microsoft Security Bulletin MS07-003
  

  Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938)

• Microsoft Security Bulletin MS07-002
  

  Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)

• Microsoft Security Bulletin MS07-001
  

  Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution (921585)

Other Security-Related Content

• Viewpoint - January 2007
  

  Secure Mobile Applications – an Oxymoron?

• Security MVP Article of the Month - January 2007
  

  Understanding the Windows Mobile Security Model

• Security Tip of the Month - January 2007
  

  How to Set Up a Wireless Network with a Security Infrastructure

• Learning Path: Enabling Security Management through Active Directory Group Policy
  

  Use these resources for guidance on how to lock down your network to create an accessible yet flexible secured environment.

• Fundamental Computer Investigation Guide For Windows
  
• Data Encryption Toolkit for Mobile PCs - Overview
  

December 2006

Security Bulletins

• Microsoft Security Bulletin Summary for December 2006
  
• Microsoft Security Bulletin MS06-078
  

  Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689)

• Microsoft Security Bulletin MS06-077
  

  Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121)

• Microsoft Security Bulletin MS06-076
  

  Cumulative Security Update for Outlook Express (923694)

• Microsoft Security Bulletin MS06-075
  

  Vulnerability in Windows Could Allow Elevation of Privilege (926255)

• Microsoft Security Bulletin MS06-074
  

  Vulnerability in SNMP Could Allow Remote Code Execution (926247)

• Microsoft Security Bulletin MS06-073
  

  Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)

• Microsoft Security Bulletin MS06-072
  

  Cumulative Security Update for Internet Explorer (925454)

Other Security-Related Content

• Learning Path: Improving the Intelligence of Your Gateway Security
  

  If you want to build a comprehensive SSL-secured access platform that will help you extend and manage the reach of your information systems, check out these resources and get in-depth guidance on edge solutions, including Microsoft Internet Security and Acceleration (ISA) Server 2006 and the Whale Intelligent Application Gateway (IAG).

• Security Viewpoint - December 2006
  

  Data Protection: The Convergence of Backup, Archive, and Disaster Recovery

• Security MVP Article of the Month - December 2006
  

  Data Recovery and Encrypting File System (EFS)

• Security Tip of the Month - December 2006
  

  Hardening Guide for Microsoft Windows Rights Management Services

November 2006

Security Bulletins

• Microsoft Security Bulletin Summary for November 2006
  
• Microsoft Security Bulletin MS06-071
  

  Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (928088)

• Microsoft Security Bulletin MS06-070
  

  Vulnerability in Workstation Service Could Allow Remote Code Execution (924270)

• Microsoft Security Bulletin MS06-069
  

  Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789)

• Microsoft Security Bulletin MS06-068
  

  Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213)

• Microsoft Security Bulletin MS06-067
  

  Cumulative Security Update for Internet Explorer (922760)

• Microsoft Security Bulletin MS06-066
  

  Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution (923980)

Other Security-Related Content

• Learning Path: Deploying Microsoft Identity and Access Management Technologies
  

  Use these resources to learn more about deploying identity and access management solutions, including directory services, identity life-cycle management, access management, and more.

• Security Viewpoint - November 2006
  

  Simplifying Client Security Without Sacrificing Protection

• Security MVP Article of the Month - November 2006
  

  Deploying Secure Clients in a Business Environment

• Security Tip of the Month - November 2006
  

October 2006

Security Bulletins

• Microsoft Security Bulletin Summary for October 2006
  
• Microsoft Security Bulletin MS06-065
  

  Vulnerability In Windows Object Packager Could Allow Remote Code Execution (924496)

• Microsoft Security Bulletin MS06-064
  

  Vulnerabilities in TCP/IP Could Allow Denial of Service (922819)

• Microsoft Security Bulletin MS06-063
  

  Vulnerability in Server Service Could Allow Denial of Service (923414)

• Microsoft Security Bulletin MS06-062
  

  Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)

• Microsoft Security Bulletin MS06-061
  

  Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191)

• Microsoft Security Bulletin MS06-060
  

  Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (924554)

• Microsoft Security Bulletin MS06-059
  

  Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)

• Microsoft Security Bulletin MS06-058
  

  Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (924163)

• Microsoft Security Bulletin MS06-057
  

  Vulnerability in Windows Explorer Could Allow Remote Code Execution (923191)

• Microsoft Security Bulletin MS06-056
  

  Vulnerability in ASP.NET Could Allow Information Disclosure (922770)

Other Security-Related Content

• Microsoft BlueHat Security Briefings: Fall 2006 Sessions and Interviews
  
• Security Viewpoint - October 2006
  

  Applying the Principle of Least Privilege to Windows Vista

• Security Tip of the Month - October 2006
  

  BitLocker™ Drive Encryption and Disk Sanitation

• Security MVP Article of the Month - October 2006
  

  Getting to Know User Account Control

• Learning Path: Multiple-Layer Defense for Secure Messaging
  

  Use these resources to learn about a broad range of Microsoft security solutions that can help protect your messaging environment.

• Learning Path: Unifying Malware Protection for Better Desktop Defense
  

  Use these resources to find malware protection solutions to help guard against emerging threats like spyware and rootkits, as well as traditional threats such as viruses, worms, and Trojan horses.

September 2006

Security Bulletins

• Microsoft Security Bulletin Summary for September 2006
  
• Microsoft Security Bulletin MS06-055
  

  Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)

• Microsoft Security Bulletin MS06-054
  

  Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (910729)

• Microsoft Security Bulletin MS06-053
  

  Vulnerability in Indexing Service Could Allow Cross-Site Scripting (920685)

• Microsoft Security Bulletin MS06-052
  

  Vulnerability in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution (919007)

Other Security-Related Content

• Securing Critical and Service Accounts
  
• Learning Path: Improving Branch Office Security
  

  Use these resources to increase your efficiency, reliability, and security when connecting to remote-site branch offices.

• Security Management - September 2006
  

  Microsoft Is Committed to Interoperability with its Network Access Protection Solution

• Security MVP Article of the Month - September 2006
  

  Do You Know Who Is Using Your Network?

• Security Tip of the Month - September 2006
  

  Quarantine Control for VPN Roaming Clients in ISA Server

August 2006

Security Bulletins

• Microsoft Security Bulletin Summary for August 2006
  
• Microsoft Security Bulletin MS06-051
  

  Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422)

• Microsoft Security Bulletin MS06-050
  

  Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)

• Microsoft Security Bulletin MS06-049
  

  Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)

• Microsoft Security Bulletin MS06-048
  

  Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922968)

• Microsoft Security Bulletin MS06-047
  

  Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)

• Microsoft Security Bulletin MS06-046
  

  Vulnerability in HTML Help Could Allow Remote Code Execution (922616)

• Microsoft Security Bulletin MS06-045
  

  Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398)

• Microsoft Security Bulletin MS06-044
  

  Vulnerability in Microsoft Management Console Could Allow Remote Code Execution (917008)

• Microsoft Security Bulletin MS06-043
  

  Vulnerability in Microsoft Windows Could Allow Remote Code Execution (920214)

• Microsoft Security Bulletin MS06-042
  

  Cumulative Security Update for Internet Explorer (918899)

• Microsoft Security Bulletin MS06-041
  

  Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683)

• Microsoft Security Bulletin MS06-040
  

  Vulnerability in Server Service Could Allow Remote Code Execution (921883)

Other Security-Related Content

• How to Protect Insiders from Social Engineering Threats
  
• How to Support Smart Card Logon for Remote Access VPN Connections
  
• Strategies for Managing Malware Risks
  
• How to Protect E-Mail Confidentiality in Regulated Industries
  
• Protecting a Network from Unmanaged Clients
  
• Security Monitoring and Attack Detection
  
• Secure Wireless Access Point Configuration
  
• Approaches to Fighting Spam in an Exchange Server Environment
  
• Learning Path: Reinforcing Perimeter Defense
  

  Learn about the latest integrated edge security technology and best practices for designing your perimeter network.

• Security Management - August 2006
  

  Messaging and Collaboration: Security Challenges and Solutions

• Security MVP Article of the Month - August 2006
  

  Spam Management

• Security Tip of the Month - August 2006
  

  Improve the Security of Remote Access to Exchange Server with RPC over HTTP

July 2006

Security Bulletins

• Microsoft Security Bulletin Summary for July 2006
  
• Microsoft Security Bulletin MS06-039
  

  Vulnerability in Microsoft Office Could Allow Remote Code Execution (915384)

• Microsoft Security Bulletin MS06-038
  

  Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (917284)

• Microsoft Security Bulletin MS06-037
  
• Microsoft Security Bulletin MS06-036
  

  Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388)

• Microsoft Security Bulletin MS06-035
  

  Vulnerability in Server Service Could Allow Remote Code Execution (917159)

• Microsoft Security Bulletin MS06-034
  

  Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution (917537)

• Microsoft Security Bulletin MS06-033
  

  Vulnerability in ASP.NET Could Allow Information Disclosure (917283)

Other Security-Related Content

• Learning Path: Client Security: Present and Future
  

  Find webcasts, virtual labs, and other resources to help you enhance your client security.

• Security Management - July 2006
  

  Partnering with Microsoft Security Partners

• Security MVP Article of the Month - July 2006
  

  Security Career Advancement: "Cracking" into the Security Industry in Just 92 Easy Steps

• Security Tip of the Month - July 2006
  

  Finding the Right Security Partner

June 2006

Security Bulletins

• Microsoft Security Bulletin Summary for June 2006
  
• Microsoft Security Bulletin MS06-032
  

  Vulnerability in TCP/IP Could Allow Remote Code Execution (917953)

• Microsoft Security Bulletin MS06-031
  

  Vulnerability in RPC Mutual Authentication Could Allow Spoofing (917736)

• Microsoft Security Bulletin MS06-030
  

  Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389)

• Microsoft Security Bulletin MS06-029
  

  Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (912442)

• Microsoft Security Bulletin MS06-028
  

  Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution (916768)

• Microsoft Security Bulletin MS06-027
  

  Vulnerability in Microsoft Word Could Allow Remote Code Execution (917336)

• Microsoft Security Bulletin MS06-026
  

  Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (918547)

• Microsoft Security Bulletin MS06-025
  

  Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280)

• Microsoft Security Bulletin MS06-024
  

  Vulnerability in Windows Media Player Could Allow Remote Code Execution (917734)

• Microsoft Security Bulletin MS06-023
  

  Vulnerability in Microsoft JScript Could Allow Remote Code Execution (917344)

• Microsoft Security Bulletin MS06-022
  

  Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439)

• Microsoft Security Bulletin MS06-021
  

  Cumulative Security Update for Internet Explorer (916281)

Other Security-Related Content

• Learning Path: Securing Enterprise Collaboration: Risks vs. Rewards
  

  Find webcasts, virtual labs, and other resources on how a multiple-layer defense plan can help you keep your network more secure.

• Don't Get Caught Between a Rock and a Hard Place: Regulatory Compliance and Security Updates
  
• Regulatory Compliance Planning Guide
  
• Security Management - June 2006
  

  Achieving Compliance

• Security MVP Article of the Month - June 2006
  

  Auditing and Reporting Regulatory Compliance using MOM and ECC ECAR

• Security Tip of the Month - June 2006
  

  IT Audit Process

May 2006

Security Bulletins

• Microsoft Security Bulletin Summary for May 2006
  
• Microsoft Security Bulletin MS06-020
  

  Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433)

• Microsoft Security Bulletin MS06-019
  

  Vulnerability in Microsoft Exchange Could Allow Remote Code Execution (916803)

• Microsoft Security Bulletin MS06-018
  

  Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580)

Other Security-Related Content

• Learning Path: Connecting to Your Customers More Securely
  

  Find webcasts, virtual labs, and other resources to help you strengthen the security of your network and help protect your customers’ transactions.

• Learning Path: Security Fundamentals
  

  Combine Microsoft technology with tools and guidance to help build a secure foundation for your IT infrastructure. Learn about technologies intrinsic to the operating system that help make computers more resilient to attacks and provide the foundation upon which you can build your other technology investments.

• Security Management - May 2006
  

  Ten Principles of Microsoft Patch Management

• Security MVP Article of the Month - May 2006
  

  Patch Management

• Security Tip of the Month - May 2006
  

  Managing the WSUS Automatic Updates Client Download, Install, and Reboot Behavior with Group Policy

April 2006

Security Bulletins

• Microsoft Security Bulletin Summary for April 2006
  
• Microsoft Security Bulletin MS06-017
  

  Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627)

• Microsoft Security Bulletin MS06-016
  

  Cumulative Security Update for Outlook Express (911567)

• Microsoft Security Bulletin MS06-015
  

  Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531)

• Microsoft Security Bulletin MS06-014
  

  Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)

• Microsoft Security Bulletin MS06-013
  

  Cumulative Security Update for Internet Explorer (912812)

Other Security-Related Content

• Learning Path: Security Lockdown: Utilizing Standard Microsoft Tools to Secure Your Network
  

  Learn about tools that enable end users in your organization to lock down their own environment and help protect their desktops.

• Security Management - April 2006
  

  Are Smart Cards the New Way of Life?

• Security MVP Article of the Month - April 2006
  

  Planning Your Smart Card Deployment: The Importance of Policy and Process

• Security Tip of the Month - April 2006
  

  Microsoft Certificate Lifecycle Manager Beta 1

March 2006

Security Bulletins

• Microsoft Security Bulletin Summary for March 2006
  
• Microsoft Security Bulletin MS06-012
  

  Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413)

• Microsoft Security Bulletin MS06-011
  

  Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798)

Other Security-Related Content

• Learning Path: Using Active Directory to Lock Down Your Network
  

  Find webcasts, virtual labs, and other resources that show how you can use Active Directory to help establish secure administrative policies and practices.

• Security Management - March 2006
  

  Dynamic Security Protection: Reviewing IE7 Security Enhancements

• Security MVP Article of the Month - March 2006
  

  Browser Security: Concepts and Terms

• Security Tip of the Month - March 2006
  

  Internet Explorer 7 Helps Users Fight against Phishing

February 2006

Security Bulletins

• Microsoft Security Bulletin Summary for February 2006
  
• Microsoft Security Bulletin MS06-010
  

  Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167)

• Microsoft Security Bulletin MS06-009
  

  Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190)

• Microsoft Security Bulletin MS06-008
  

  Vulnerability in Web Client Service Could Allow Remote Code Execution (911927)

• Microsoft Security Bulletin MS06-007
  

  Vulnerability in TCP/IP Could Allow Denial of Service (913446)

• Microsoft Security Bulletin MS06-006
  

  Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)

• Microsoft Security Bulletin MS06-005
  

  Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)

• Microsoft Security Bulletin MS06-004
  

  Cumulative Security Update for Internet Explorer (910620)

Other Security-Related Content

• Security Management - February 2006
  

  It's Me, and Here's My Proof: Why Identity and Authentication Must Remain Distinct

• Security MVP Article of the Month - Feburary 2006
  

  Improving Identity Management in the Enterprise: Getting Started

• Security Tip of the Month - Feburary 2006
  

  Administrating the Administrators

January 2006

Security Bulletins

• Microsoft Security Bulletin Summary for January 2006
  
• Microsoft Security Bulletin MS06-003
  

  Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution (902412)

• Microsoft Security Bulletin MS06-002
  

  Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519)

• Microsoft Security Bulletin MS06-001
  

  Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)

• Microsoft Security Advisory (912840)
  

  Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

• Microsoft Security Advisory (912920)
  

  Systems that are infected with Win32/Sober.Z@mm may download and run malicious files from certain Web domains beginning on January 6 2006.

Other Security-Related Content

• Learning Path: Security Update Management
  

  Managing security updates is an issue of critical importance to system administrators and IT managers. Microsoft offers a number of learning resources to help you with this process. Find webcasts, virtual labs, and other resources that can help you assess your environment and implement an effective security update management strategy.

• The Threats and Countermeasures Guide v2.0
  

  The updated Threats and Countermeasures guide provides you with a reference to all security settings that provide countermeasures for specific threats against current versions of the Microsoft Windows operating systems.

• The Windows Server 2003 Security Guide v2.0
  

  The updated Windows Server 2003 Security Guide provides specific recommendations about how to harden computers that run Microsoft Windows Server 2003 with Service Pack 1 (SP1).

December 2005

• Microsoft Security Advisory (911302)
  

  Vulnerability in the way Internet Explorer Handles Mismatched Document Object Model Objects Could Allow Remote Code Execution

• Security Management - December 2005
  

  Microsoft Small Business Server and Security: It's All About Risk Management!

• Security Tip of the Month - December 2005
  

  ISA Server Port Scan Alerts

• Windows Platform Common Criteria Certification
  

  Learn how the recent Common Criteria certification of Windows platform products, combined with Microsoft's focus on the Security Development Lifecycle, offers customers an even greater level of assurance in product security and quality.

• Microsoft Security Bulletin Summary for December 2005
  
• Microsoft Security Bulletin MS05-055
  

  Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523)

• Microsoft Security Bulletin MS05-054
  

  Cumulative Security Update for Internet Explorer (905915)

November 2005

• Microsoft Security Advisory (910550)
  

  Macromedia Security Bulletin: MPSB05-07 Flash Player 7 Improper Memory Access Vulnerability

• Microsoft Security Advisory (911052)
  

  Memory Allocation Denial of Service Via RPC

• Security Management - November 2005
  

  How to Shoot Yourself in the Foot with Security, Part 2: To ACL or Not to ACL

• Security Tip of the Month - November 2005
  

  Virtual Private Network Quarantine

• Microsoft Security Bulletin Summary for November 2005
  
• Microsoft Security Bulletin MS05-053
  

  Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)

October 2005

• Microsoft Security Advisory (909444)
  

  Various Issues After Installing Microsoft Security Bulletin MS05-051 on Systems That Have Non-default File Permissions

• Windows XP Security Guide V2.1
  
• Steve Ballmer Details Microsoft's Security Strategy
  
• Security Tip of the Month - October 2005
  

  Rootkits: The Obscure Hacker Attack

• Security Management - October 2005
  

  Frequently Asked Questions About Passwords

• Microsoft Security Bulletin Summary for October 2005
  
• Microsoft Security Bulletin MS05-052
  

  Cumulative Security Update for Internet Explorer (896688)

• Microsoft Security Bulletin MS05-051
  

  Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400)

• Microsoft Security Bulletin MS05-050
  

  Vulnerability in DirectShow Could Allow Remote Code Execution (904706)

• Microsoft Security Bulletin MS05-049
  

  Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)

• Microsoft Security Bulletin MS05-048
  

  Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245)

• Microsoft Security Bulletin MS05-047
  

  Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749)

• Microsoft Security Bulletin MS05-046
  

  Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589)

• Microsoft Security Bulletin MS05-045
  

  Vulnerability in Network Connection Manager Could Allow Denial of Service (905414)

• Microsoft Security Bulletin MS05-044
  

  Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering (905495)

September 2005

• Microsoft Shared Computer Toolkit for Windows XP Handbook
  
• Security Management - September 2005
  

  How to Shoot Yourself in the Foot with Security

• Security Tip of the Month - September 2005
  

  Ten Tips for Designing, Building, and Deploying More Secure Web Applications

• Updated: Identity and Access Management Series V 1.3
  

August 2005

• Microsoft Security Advisory (906267)
  

  A COM Object (Msdds.dll) Could Cause Internet Explorer to Unexpectedly Exit

• Microsoft Security Advisory (897663)
  

  Windows Firewall Exception May Not Display in the User Interface

• What You Should Know About Zotob
  
• Microsoft Security Advisory (904797)
  

  Vulnerability in Remote Desktop Protocol (RDP) Could Lead to Denial of Service

• Microsoft Security Advisory (899588)
  

  Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege

• Microsoft Security Advisory (906267)
  

  A COM Object (Msdds.dll) Could Cause Internet Explorer to Unexpectedly Exit

• Microsoft Office Visio 2003 Connector for the Microsoft Baseline Security Analyzer (MBSA) 2.0
  

  Updated version lets you view the results of a Microsoft Baseline Security Analyzer scan (v1.2.1 or V2.0) in a clear, comprehensive Microsoft Office Visio 2003 network diagram.

• Security Management - August 2005
  

  802.1X on Wired Networks Considered Harmful

• Security Tip of the Month - August 2005
  

  Security and Compliance Solutions Guidance

• Microsoft Security Bulletin Summary for August 2005
  

  http://www.microsoft.com/technet/security/bulletin/ms05-aug.mspx

• Microsoft Security Bulletin MS05-043
  

  Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423)

• Microsoft Security Bulletin MS05-042
  

  Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587)

• Microsoft Security Bulletin MS05-041
  

  Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591)

• Microsoft Security Bulletin MS05-040
  

  Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)

• Microsoft Security Bulletin MS05-039
  

  Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)

• Microsoft Security Bulletin MS05-038
  

  Cumulative Security Update for Internet Explorer (896727)

July 2005

• Windows Server Update Services
  

  Windows Server Update Services (WSUS) simplifies the process of keeping Windows-based systems current with the latest updates, with minimal administrative intervention.

• Microsoft Baseline Security Analyzer 2.0
  

  MBSA 2.0 scans for missing security updates and common security misconfigurations. It offers an improved user experience, expanding product support and can be used in conjunction with Microsoft Update and Windows Server Update Services.

• Microsoft Security Advisory (903144)
  

  A COM Object (Javaprxy.dll) Could Cause Internet Explorer to Unexpectedly Exit

• Security Management - July 2005
  

  Trustworthy Administrators

• Security MVP Article of the Month - July 2005
  

  Responding to Regulatory Compliance: Microsoft and Manakoa Technology Foundations

• Security Tip of the Month - July 2005
  

  Dealing With Multiple Identity Stores

• Microsoft Security Bulletin Summary for July 2005
  
• Microsoft Security Bulletin MS05-037
  

  Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)

• Microsoft Security Bulletin MS05-036
  

  Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)

• Microsoft Security Bulletin MS05-035
  

  Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672)

June 2005

• Microsoft Security Advisory (902333)
  

  Browser Windows Without Indications of Their Origins may be Used in Phishing Attempts

• Microsoft Security Advisory (891861)
  

  Release of Update Rollup 1 for Windows 2000 Service Pack 4 (SP4)

• Security Management - June 2005
  

  Security in Operation (4/4): Managing Security

• Security MVP Article of the Month - June 2005
  

  The Business Value of Security

• Security Tip of the Month - June 2005
  

  The Urgent Need to Implement E-Mail Authentication

• Deploying Authenticode with Cryptographic Hardware for Secure Software Publishing
  
• Identity and Access Management Series v1.2
  
• The Services and Service Accounts Security Planning Guide
  
• Microsoft Security Bulletin Summary for June 2005
  
• Microsoft Security Bulletin MS05-034
  

  Vulnerability in Microsoft ISA Server Could allow Information Disclosure (899753)

• Microsoft Security Bulletin MS05-033
  

  Vulnerability in Telnet Client Could Allow Information Disclosure (896428)

• Microsoft Security Bulletin MS05-032
  

  Vulnerability in Microsoft Agent Could Allow Spoofing (890046)

• Microsoft Security Bulletin MS05-031
  

  Vulnerability in Microsoft Windows Interactive Training Could Allow Remote Code Execution (898458)

• Microsoft Security Bulletin MS05-030
  

  Cumulative Security Update for Outlook Express (897715)

• Microsoft Security Bulletin MS05-029
  

  Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attacks (895179)

• Microsoft Security Bulletin MS05-028
  

  Vulnerability in Web Client Service Could Allow Remote Code Execution (896426)

• Microsoft Security Bulletin MS05-027
  

  Vulnerability in SMB Could Allow Remote Code Execution (896422)

• Microsoft Security Bulletin MS05-026
  

  Vulnerabilities in HTML Help Could Allow Remote Code Execution (896358)

• Microsoft Security Bulletin MS05-025
  

  Cumulative Security Update for Internet Explorer (883939)

• Updated: Security Tools Page
  

  Added security update management tools Microsoft Update and Windows Server Update Services

• Implementing Quarantine Services with Microsoft Virtual Private Network Planning Guide
  
• The Secure Access Using Smart Cards Planning Guide
  
• The Security Monitoring and Attack Detection Planning Guide
  

May 2005

• Microsoft Security Advisory (899480)
  

  Vulnerability in TCP Could Allow Connection Reset

• The Administrator Accounts Security Guide
  
• Security MVP Article of the Month - May 2005
  

  Testing Your Web Applications for Cross-Site Scripting Vulnerabilities

• Security Management - May 2005
  

  Security in Operation (3/4): Patches in Hours

• Microsoft Security Bulletin Summary for May 2005
  
• Microsoft Security Bulletin MS05-024
  

  Vulnerability in Web View Could Allow Remote Code Execution (894320)

• Microsoft Security Advisories
  
• Microsoft Security Advisory (892313)
  

  Default Setting in Windows Media Player Digital Rights Management Could Allow a User to Open a Web Page Without Requesting Permission

• Microsoft Security Advisory (842851)
  

  Clarification Of The SMTP Tar Pit Feature That Is Provided For Exchange Server 2003 in Windows Server 2003 Service Pack 1

April 2005

• Microsoft Office Visio 2003 Connector for the Microsoft Baseline Security Analyzer (MBSA)
  

  Lets you view the results of a Microsoft Baseline Security Analyzer scan in a clear, comprehensive Microsoft Office Visio 2003 network diagram.

• Security MVP Article of the Month - April 2005
  

  How ISA Server 2004 Provides SSL VPN Functionality for Outlook Web Access and RPC over HTTP

• Security Management - April 2005
  

  Security in Operation (2/4): When an Issue Affects Multiple Products

• Security Management - April 2005
  

  Security Myths

• Microsoft Security Bulletin Summary for April 2005
  
• Microsoft Security Bulletin MS05-023
  

  Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169)

• Microsoft Security Bulletin MS05-022
  

  Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597)

• Microsoft Security Bulletin MS05-021
  

  Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)

• Microsoft Security Bulletin MS05-020
  

  Cumulative Security Update for Internet Explorer (890923)

• Microsoft Security Bulletin MS05-019
  

  Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)

• Microsoft Security Bulletin MS05-018
  

  Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859)

• Microsoft Security Bulletin MS05-017
  

  Vulnerability in Message Queuing Could Allow Code Execution (892944)

• Microsoft Security Bulletin MS05-016
  

  Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)

March 2005

• Server and Domain Isolation Using IPsec and Group Policy
  
• Service Management Functions
  
• Security Tip of the Month - March 2005
  

  Phishing - Hook, Line and Sinker

• Security Management - March 2005
  

  Security Myths

• Security Management - March 2005
  

  Security in Operation (Part 1 of 4): Windows, Linux and Security Notifications

February 2005

• Microsoft Security Bulletin Summary for February 2005
  
• Microsoft Security Bulletin MS05-015
  

  Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)

• Microsoft Security Bulletin MS05-014
  

  Cumulative Security Update for Internet Explorer (867282)

• Microsoft Security Bulletin MS05-013
  

  Vulnerability in the DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (891781)

• Microsoft Security Bulletin MS05-012
  

  Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)

• Microsoft Security Bulletin MS05-011
  

  Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)

• Microsoft Security Bulletin MS05-010
  

  Vulnerability in the License Logging Service Could Allow Code Execution (885834)

• Microsoft Security Bulletin MS05-009
  

  Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)

• Microsoft Security Bulletin MS05-008
  

  Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)

• Microsoft Security Bulletin MS05-007
  

  Vulnerability in Windows Could Allow Information Disclosure (888302)

• Microsoft Security Bulletin MS05-006
  

  Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks (887981)

• Microsoft Security Bulletin MS05-005
  

  Vulnerability in Microsoft Office XP could allow Remote Code Execution (873352)

• Microsoft Security Bulletin MS05-004
  

  ASP.NET Path Validation Vulnerability (887219)

• Security Management - February 2005
  

  The Case of the Stolen Laptop: Mitigating the Threats of Equipment Theft

• Security MVP Article of the Month - February 2005
  

  Virus Management: Overview of the Malicious Software Removal Tool

• Security Tip of the Month - February 2005
  

  Making Web Browsing More Secure

• Adding and Securing a Computer Running Windows Server 2003 in a Windows Small Business Server 2003 Active Directory Domain
  
• Adding and Securing a Computer Running Windows XP Professional by Using Windows Small Business Server 2003
  
• Backing Up and Recovering Data
  
• Backing Up and Restoring Data for Windows 2000 Server
  
• Backing Up and Restoring Data for Windows Server 2003
  
• Backing Up and Restoring Windows Small Business Server 2003
  
• Building an Enterprise Root Certification Authority in Small and Medium Businesses
  
• Deploying Patches with Software Update Services 1.0
  
• Deploying Updates with Windows Update and Automatic Updates
  
• Enforcing Strong Password Usage Throughout Your Organization
  
• How to Configure Enhanced Security Features for Internet Explorer from Windows XP SP2
  
• How to Configure Windows Firewall in a Small Business Environment using Group Policy
  
• How to Configure Windows Firewall on a Single Computer
  
• How to Configure Windows XP SP2 Network Protection Technologies in a Small Business Environment
  
• How to Configure Windows XP SP2 Network Protection Technologies on a Single Computer
  
• Network Ports Used by Key Microsoft Server Products
  
• Protecting Clients from Network Attacks
  
• Protecting Data by Using EFS to Encrypt Hard Drives
  
• Protecting Sensitive Information from Theft on Windows XP Professional in a Workgroup
  
• Responding to IT Security Incidents
  
• Securing a Client Computer Running Microsoft Windows XP Professional in a Windows Server 2003 Active Directory Domain
  
• Securing Active Directory Administrative Groups and Accounts
  
• Securing Internet Information Services 5.0 and 5.1
  
• Securing Internet Information Services 6.0
  
• Securing Remote Access
  
• Securing Remote Clients and Portable Computers
  
• Securing Windows 2000 Domain Controllers
  
• Securing Windows 2000 Professional Clients in a Windows Server Environment
  
• Securing Windows 2000 Professional in a Peer-to-Peer Networking Environment
  
• Securing Windows Server 2003 Domain Controllers
  
• Securing Windows XP Professional Clients in a Windows Server Environment
  
• Securing Windows XP Professional in a Peer-to-Peer Networking Environment
  
• Securing Your Network: Identifying SMB Network Perimeters
  
• Securing Your Windows Small Business Server 2003 Network
  
• Selecting Secure Passwords
  
• Software Update Services 2.0 Overview
  
• Updating a Windows Small Business Server 2003 Network Using Software Update Services Server 1.0
  
• Using Microsoft Office Outlook 2003 to Limit Junk E-Mail Messages
  

January 2005

• Microsoft Security Bulletin Summary for January 2005
  
• Microsoft Security Bulletin MS05-003
  

  Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250)

• Microsoft Security Bulletin MS05-002
  

  Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)

• Microsoft Security Bulletin MS05-001
  

  Vulnerability in HTML Help Could Allow Code Execution (890175)

• Security Management - January 2005
  

  Using IPsec for Network Protection. Part 2 of 2

• Security MVP Article of the Month - January 2005
  

  Computer Forensics: Disk Imaging Overview

• Security Tip of the Month - January 2005
  

  It Seems So Easy to Gain Access: Social Engineering

December 2004

• Updated: Securing Wireless LANs with Certificate Services Guide
  
• Security Management - December 2004
  

  Using IPsec for Network Protection: Part 1 of 2

• Security Management - December 2004
  

  The Great Debates: Pass Phrases vs. Passwords. Part 3 of 3

November 2004

• ISA Server 2004 Security Hardening Guide
  
• Scenarios and Procedures for Microsoft Systems Management Server 2003
  
• Security Management - November 2004
  

  The Great Debates: Pass Phrases vs. Passwords. Part 2 of 3

October 2004

• Adding and Securing a Computer Running Windows Server 2003 in a Windows Small Business Server 2003 Active Directory Domain (1-49 Computers)
  
• Adding and Securing a Computer Running Windows XP Professional by Using Windows Small Business Server 2003 (1-49 Computers)
  
• Backing Up and Restoring Data for Windows 2000 Server (1-49 Computers)
  
• Backing Up and Restoring Data for Windows Server 2003 (1-49 Computers)
  
• Protecting Sensitive Information from Theft on Windows XP Professional in a Workgroup (1-49 Computers)
  
• Securing a Client Computer Running Microsoft Windows XP Professional in a Windows Server 2003 Active Directory Domain (1-49 Computers)
  
• Security Risk Management Guide
  
• Using Microsoft Office Outlook 2003 to Limit Junk E-Mail Messages (1-49 Computers)
  
• Security Management - October 2004
  

  The Great Debates: Pass Phrases vs. Passwords. Part 1 of 3

September 2004

• Windows NT 4.0 and Windows 98 Threat Mitigation Guide
  
• Updated: Windows XP Security Guide v2 (for Service Pack 2)
  

Additional Security Resources

• Global Security Centers
  
• Developer Security Center
  
• Computer Security at Home