Microsoft

h-online: Microsoft has confirmed that it will deliver a security update for the bundled version of Flash Player used by Internet Explorer 10 (IE10) sooner than previously planned. In a statement sent to ZDNet, Yunsun Wee, Trustworthy Computing Director at Microsoft, said that the company is working closely with Adobe on an updated version of the Flash plugin which “will be available shortly”. The forthcoming Windows 8 comes with Internet Explorer 10, which, in turn, includes its own version of Flash Player. This arrangement relies on Microsoft’s automatic updates system, Windows Update, for updating the version of Flash included in the web browser. ...

In advance of one of the most significant waves of product launches in Microsoft’s history, today they are unveiling a new logo for the company. Microsoft TechNet wrote: It’s been 25 years since we’ve updated the Microsoft logo and now is the perfect time for a change. This is an incredibly exciting year for Microsoft as we prepare to release new versions of nearly all of our products. From Windows 8 to Windows Phone 8 to Xbox services to the next version of Office, you will see a common look and feel across these products providing a familiar and seamless experience on PCs, phones, tablets and TVs. This wave of new releases is not only a reimagining of our most popular products, but also represents a new era for Microsoft, so our logo should evolve to visually accentuate this new beginning. The Microsoft brand is about much more than logos or product names. We are lucky to play a role in the lives of more than a billion people every day. The ways people experience our products are our most important “brand impressions”. That’s why the new Microsoft logo takes its inspiration from our product design principles while drawing upon the heritage of our brand values, fonts and colors. ...

Ubergizmo: Good news for those looking to get their hands on Windows 8 before everyone else does, the final build of Windows 8 has just been leaked online. This news comes a day after it was announced that the final version of Windows 8 had been finished. MSDN and TechNet customers won’t be able to download their version of Windows 8 until August 15th, an enterprise version of Windows 8 is currently making rounds at different file sharing websites across the web. ...

TheRegister.co.uk wrote: Attack Surface Analyzer explains what apps do to your beautiful Windows installation Developers, developers …. *&^%%!!# developers who break Windows! That may well be a refrain that motivated Redmond to release a new software tool, Surface Analyzer 1.0, which explains how new apps impact Windows’ ability to repel the various varieties of naughtyware. Microsoft explains the tool’s powers thusly: Attack Surface Analyzer looks for classes of security weaknesses Microsoft has seen when applications are installed on the Windows operating system, and it highlights these as issues. The tool also gives an overview of changes to the system that Microsoft considers important to the security of the platform, and it highlights these changes in the attack surface report. Some of the checks performed by the tool include analysis of changed or newly added files, registry keys, services, Microsoft ActiveX controls, listening ports and other parameters that affect a computer’s attack surface. ...

Mashable Wrote: The team behind Outlook.com revealed in a tweet that one million people signed up for the new email service in just six hours. Microsoft unveiled its Hotmail replacement Tuesday at noon Eastern, and by dinnertime it had cracked seven digits. That’s an impressive spike, illustrated in the chart that @Outlook attached to the tweet (shown below). However, it’s still a tiny fraction of the user base of Hotmail, which comScore pegs at about 350 million — making it the most popular free email service in the world. ...

Mozilla Firefox: Mozilla has released a new update for Firefox, Mozilla Firefox 14.0.1, This version comes with Google Secure search by default, flat buttons in toolbar and some Performance improvement and security fixes. Read more in Mozilla Blog. Mozilla Thunderbird: Mozilla also updated Thunderbird, Mozilla Thunderbird 14, This version mostly focus on stability, performance and security fixes. I think we cannot expect much more new feature in Thunderbird anymore, Mozilla has announced that they changed the way they develop Thunderbird, Read it yourself in Mozilla Blog. ...

Microsoft has released an unscheduled, non-patch day update for Windows to update the Windows Update function itself. However, according to reports from readers, the Windows Update Agent update does not always run smoothly; The H’s associates at heise Security also ran into problems on their test systems. A staggered dissemination of the update has been taking place over the past three to four days. Users who run Windows Update are confronted with a message which says that an update for Windows Update needs to be installed before the system can check for other updates. ...

The H-Online: In response to the Flame worst-case scenario, Microsoft has now integrated a custom block list feature for its certificate store under Windows. The feature was deployed as part of this month’s Patch Tuesday. The Flame worm had spread via Windows Update feature by manipulating the certificates that were intended to protect Windows updates from tampering. As described in a Microsoft Security Response Center (MSRC) blog post, the latest modification automatically causes compromised certificates to be regarded as untrusted. To achieve this, the certificate store checks a Microsoft-maintained list on a daily basis for certificates that are no longer trustworthy. Certificate Authorities are required to inform the company of any revoked certificates, which will then be added to the list. According to a Windows PKI blog post, this method is considerably faster than the deployment of Certificate Revocation Lists (CRLs). ...

The H-Online: Microsoft has released seven security bulletins fixing a total of 27 security holes, 13 of them in Internet Explorer. The rest of the patches affect all currently supported Windows versions, the .NET Framework, Remote Desktop, Lync and Dynamics AX. A patch that had been announced for Visual Basic for Applications has yet to be released. The most important updates are bundled in the cumulative Internet Explorer patch (MS12-037), which includes fixes for the holes that were targeted by Pwn2Own exploits. Microsoft is the last of the companies to close the exposed holes that were targeted during the Pwn2Own competition; Google and Mozilla fixed their browsers in March. According to Michael Kranawetter, Microsoft’s Chief Security Advisor in Germany, the IE patch also affects the Windows 8 Consumer Preview, and therefore Internet Explorer 10. ...

Avira TechBlog Wrote: Microsoft released Security Advisory 2718704 which revokes some certificated which apparently were used to sign the trojan Flame__. In a blog post, Microsoft explains how they discovered that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft. The certificates issued by the Terminal Services licensing certification authority, which are intended to only be used for license server verification, were also used to sign code and make it look like as if it was originated from Microsoft. ...