Security Headlines

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
On This Page

March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
January 2003

March 2004

  • Install Security Updates for Office and Outlook Vulnerabilities
    Microsoft's security bulletin release for March includes critical fixes for Office XP Service Pack 2 and Outlook 2002 as well as moderate fixes for Windows 2000 and MSN Messenger versions 6.0 and 6.1.more_new

  • Sign Up for March 16 Executive Webcast
    Join Mike Nash as he provides details on Microsoft security enhancements, insights into strategies for customers, and information on security technologies being delivered in upcoming service packs.more_new

  • Register for the March Security Bulletins Webcast
    Join Microsoft security experts in this webcast for a live discussion of the technical details of the March security bulletins and steps you can take to protect your environment. more_new

  • Confirm You're Protected Against Recent Exploit Code
    The illegal release of Windows source code in early February was quickly followed by an exploit against a vulnerability in Internet Explorer 6.0 that was addressed by Service Pack 1. Make sure SP1 is installed in your networks.more_new

  • Problems Persist: Use This Free Tool
    Get a tool that detects and automatically removes Mydoom.A, Mydoom.B, or Doomjuice (A or B) from your networks. The worm continues to slow network connections and create backdoor vulnerabilities.more_new

  • In-depth Guidance for Securing Computer Systems
    The Microsoft Security Center provides quick access to prescriptive guidance, tools, training, and updates for IT professionals and developers. .more_new

February 2004

January 2004

  • Mydoom Virus Alert (January 27, 2004)
    Please review the Microsoft security alert regarding W32/Mydoom@MM and take appropriate action for your environment. This rapidly spreading, mass-mailer virus affects Microsoft Outlook, Microsoft Outlook Express, and Web-based e-mail.more_new

  • Microsoft Provides Workarounds Pending Update to Internet Explorer(January 27, 2004)
    Microsoft plans to release a software update in early to mid February that modifies the default functionality in Internet Explorer to help reduce the risk of malicious code directing users to spoofed websites. If you include user information in HTTP and HTTPS URLs, explore these workarounds before you install the forthcoming software update.more_new

  • Download the New MBSA 1.2(January 19, 2004)
    The Microsoft Baseline Security Analyzer now scans for missing security updates in numerous server and Office products, and is available in English, German, French, and Japanese versions.more_new

  • January Security Bulletins Include Critical Fix for ISA Server(January 13, 2004)
    Microsoft's monthly security bulletin release on January 13 included fixes rated Critical for Internet Security and Acceleration Server, Important for Windows, and Moderate for servers running Outlook Web Access for Exchange Server 2003.more_new

  • Update VeriSign Web Server Certificates for IIS Now(January 8, 2004)
    VeriSign's old 128-bit Global Server Intermediate Root certification authority certificates for Microsoft Internet Information Services (IIS) and other Web servers expired on January 7, 2004. You should update your servers' certificates to prevent error messages.more_new

  • Register for January 20 Webcast on Wireless Security(January 5, 2004)
    Gregory Wood, Microsoft’s general manager of corporate security, joins Mike Nash, Microsoft’s security vice president, to discuss best practices that Microsoft uses to secure its own wireless network.more_new

December 2003

  • No Security Bulletins for December Monthly Release (December 9, 2003)
    Microsoft had no security bulletins to release December 9, 2003, as part of its monthly release cycle for December. If the need arises for emergency patches, they will be issued outside the monthly releases. For updated security information, see our Security Center andPatch Management pages.Orview previously released summary bulletins and webcasts.

  • Hear About System Resiliency, Network Perimeter Security (December 8, 2003)
    Microsoft’s senior executive in charge of security, Mike Nash, will discuss upcoming Windows XP service packs focusing on system resiliency during a webcast December 16. In addition, Microsoft’s chief information officer, Rick Devenuti, will discuss the company’s best practices in securing its network perimeter. more_new

  • Security Week Webcasts Available on Demand (December 5, 2003)
    Webcasts presented as part of TechNet Security Webcast Week December 1-5 have been recorded and are available now.more_new

November 2003

  • Action: Download the Latest Security Updates (November 11, 2003)
    The November security bulletin release contains critical updates for Windows and FrontPage Server Extensions, and an important update for Office. more_new

  • Get Ready for TechNet Security Week, December 2–5 (November 11, 2003)
    Join Microsoft security experts for a series of webcasts. Topics include patch management, secure network access, Windows Rights Management Services, and more. more_new

  • Webcast Features Microsoft Security VP(November 11, 2003)
    Mike Nash, Microsoft vice president of security, will present a live webcast November 18 on what Microsoft is doing to improve IT security and how it can help you enhance security in your organization. more_new

  • Microsoft Security Resources - Level 200 (November 4, 2003)
    Attend this live webcast for a discussion and demonstration of a number of security resources, tools and services offered by Microsoft for the enterprise environment.more_new

  • Security Bulletin Search More Comprehensive, Flexible (November 3, 2003)
    TechNet's new Security Bulletin Search now finds security updates for components that shipped with a product as well as updates for the product itself. It lets you specify the severity ratings and release dates of the security updates you want to see. Also, you can choose to see only the most recent security updates, excluding those that have been replaced by later updates. more_new

October 2003

  • Action: Get the latest critical Internet Explorer security update (October 3, 2003)
    Install the new cumulative update in Security Bulletin MS03-040 that addresses reports of an exploit on the Internet, affecting Microsoft® Internet Explorer. more_new

  • Microsoft Announces New Security Programs to Help Customers (October 9, 2003)
    In a speech at Microsoft's annual Worldwide Partner Conference, CEO Steve Ballmer announced a broad security effort to help address the increasingly disruptive security challenges. Ballmer outlined changes to the patch management process and to the Microsoft support policy. more_new

  • Microsoft Improves Security Resources for IT Pros (October 9, 2003)
    IT professionals now can quickly access compiled best practices for enterprise security, talk to peers in a new IT Pro Security Community, and use a streamlined registration process for receiving important security news. more_new

  • Action: Download the latest Windows and Exchange security updates (October 15, 2003)
    The October security bulletin contains critical security updates for Microsoft Windows and Exchange Server. more_new

  • Security Bulletins Expanded and Summarized by Product (October 15, 2003)
    Microsoft has begun releasing Security Bulletins once a month to give IT administrators increased predictability and manageability. In addition, each monthly release includes summaries for affected products, and the bulletins contain expanded prescriptive guidance, including workarounds. more_new

September 2003

  • Action: Install New Security Patch Immediately (September 10, 2003)
    Microsoft urges users of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 to read Security Bulletin MS03-039 and install this critical security patch immediately. more_new

  • Update to Security Bulletin MS03-032 (September 8, 2003)
    Microsoft is investigating reports of new variations of a vulnerability in Microsoft Internet Explorer. Read Security Bulletin MS03-032 for the latest updates on this issue. more_new

  • Check for New Security Bulletins Affecting Microsoft Office (September 3, 2003)
    Microsoft has issued four bulletins for Microsoft Office that range in severity from critical to moderate. The bulletin rated critical addresses a buffer-overrun vulnerability in Microsoft Visual Basic for Applications (VBA), which is incorporated in Microsoft Office and various non-Microsoft applications. more_new

August 2003

July 2003

June 2003

  • Microsoft Releases Windows 2000 Service Pack 4 (SP4) (June 26, 2003)
    Service Pack 4 includes a collection of fixes pertaining to operating system reliability, application compatibility, setup, and security. more_new

  • Information about the w32/Bugbear@MM Worm (June 5, 2003)
    Microsoft is alerting customers that the W32/Bugbear@MM worm appears to be spreading in the wild. Previously detailed best practices, such as filtering certain file types and applying security patches, should prevent infection from this Bugbear variant. Customers are advised to review the information and take the appropriate action for their environments. more_new

  • Microsoft Security Certifications for IT Professionals (June 3, 2003)
    Learn how the new Microsoft Certified Systems Administrator (MCSA): Security and Microsoft Certified Systems Engineer (MCSE): Security certifications validate your ability to create a secure computing environment based on the Microsoft platform. more_new

May 2003

  • Information about W32/Palyh@MM worm (May 19, 2003)
    Microsoft is advising customers to be on the alert for a moderately severe mass-mailing worm, W32/Palyh@MM, which spreads via e-mail and network shares. This worm spoofs the address Customers are advised to review information on preventing and removing the virus and to take appropriate action. more_new

  • Information about W32.Fizzer.A@mm mass-mailing worm (May 12, 2003)
    Microsoft is advising customers to be on the alert for a moderately severe mass-mailing worm, W32.Fizzer.A@mm, which can affect Microsoft Outlook, Microsoft Outlook Express, and Web-based e-mail. Customers are advised to review information on preventing and removing the virus and to take appropriate action. more_new

April 2003

  • Information on Bogus Microsoft Security Bulletin E-mails (April 3, 2003)
    From time to time, malicious individuals circulate e-mails that purport to be a Microsoft Security Bulletin or patch and contain or link to an executable file that contains a virus. Stay alert for clues that the e-mails aren’t a bona fide security bulletin or patch. more_new

March 2003

January 2003

Security Headlines Archive