Yesterday, as part of our routine monthly security update cycle, Microsoft released 16 new security updates to address identified vulnerabilities.  If you were following my Twitter feed yesterday, you probably saw a few announcements I made about this.  For those of you not yet following my Twitter feed or who may have missed the information shared yesterday, I wanted to put a quick post up here on the blog to let you know about this, as well as how you can be updated on these in the future and some other security resources available to you.

As mentioned above, Microsoft has an ongoing monthly security update cycle that you should be aware of and utilizing.  When we release these monthly  updates, we also hold a webcast to discuss that month’s update and what you should know about it.  For October, 2010, you can see the full Microsoft Security Bulletin HERE.  We will be conducting our monthly security update webcast this morning at 11:00 AM Pacific Time and you can register to addend this webcast HERE.

Here is a list of the security updates that we released in the October update:

• MS10-071 - addresses vulnerabilities in Internet Explorer (KB 2360131)
• MS10-072 - addresses vulnerabilities in Microsoft Server Software (KB 2412048)
• MS10-073 - addresses vulnerabilities in Microsoft Windows (KB 981957)
• MS10-074 - addresses a vulnerability in Microsoft Windows (KB 2387149)
• MS10-075 - addresses a vulnerability in Microsoft Windows (KB 2281679)
• MS10-076 - addresses a vulnerability in Microsoft Windows (KB 982132)
• MS10-077 - addresses a vulnerability in .NET Framework (KB 2160841)
• MS10-078 - addresses vulnerabilities in Microsoft Windows (KB 2279986)
• MS10-079 - addresses vulnerabilities in Microsoft Office (KB 2293194)
• MS10-080 - addresses vulnerabilities in Microsoft Office (KB 2293211)
• MS10-081 - addresses a vulnerability in Microsoft Windows (KB 2296011)
• MS10-082 - addresses a vulnerability in Microsoft Windows Media Player (KB 2378111)
• MS10-083 - addresses a vulnerability in Microsoft Windows (KB 2405882)
• MS10-084 - addresses a vulnerability in Microsoft Windows (KB 2360937)
• MS10-085 - addresses a vulnerability in Microsoft Windows (KB 2207566)
• MS10-086 - addresses a vulnerability in Microsoft Windows (KB 2294255)

If you are not yet receiving the Microsoft Security Bulletins, you should be sure to take advantage of the following:

1. Microsoft Security Bulleting Advance Notification - This advance notification is intended to help our customers plan for effective deployment of security updates, and includes information about the number of new security updates being released, the software affected, severity levels of vulnerabilities, and information about any detection tools relevant to the updates.
2. Register for Microsoft Technical Security Notifications – Microsoft offers these alerts in multiple offerings and delivery methods:
   • Basic Alerts - Microsoft's free monthly Security Notification Service provides links to security-related software updates and notification of re-released Microsoft Security Bulletins. The goal of this service is to provide accurate information you can use to protect your computers and systems from malicious attacks.
   • Comprehensive Alerts - The free Comprehensive alerts serve as an incremental supplement to the Basic Alerts. It provides advance notification of upcoming security bulletins, security advisories, and timely notification of any minor changes to previously released Microsoft Security Bulletins or Advisories.
   • Security Advisories Alerts - Microsoft Security Advisories are a way for Microsoft to communicate security information to customers about issues that may not be classified as vulnerabilities and may not require a security bulletin. Each advisory will be accompanied with a unique Microsoft Knowledge Base Article number for reference to provide additional information about the changes.
   • Microsoft Security Response Center Blog Alerts - The Microsoft Security Response Center (MSRC) blog provides a real-time way for the MSRC to communicate with customers. Topics include day-to-day, "behind the scenes" information to help customers understand Microsoft security response efforts; updates during the early stages of security incidents; and regular postings for the bulletin release cycle.

Something else that you may not be aware of that you should know about is that Microsoft offers no cost technical support for support calls that are associated with security updates. 

• Customers in the U.S. and Canada can receive technical support from Security Support or 1-866-PCSAFETY.
• International customers can receive support from their local Microsoft subsidiaries.  For more information about how to contact Microsoft for support issues, visit International Help and Support.

Another important step that you can take in ensuring your PCs are kept up to date from a securities perspective is to turn on Automatic Updates in Windows.  learn about automatic updating, see Update your PC automatically.  If you do not have automatic updating turned on, or to check whether you need the update, go to Microsoft Update. Microsoft Update is an online tool that will scan your computer and provide you a report about what updates your computer needs.

Also, if you are a small business, be sure to utilize the FREE Microsoft Security Essentials which is now available to you from Microsoft to provide no-cost protection from viruses, spyware and other malicious threats. 

Thank you and have a wonderful day,

Eric Ligman – Follow me on TWITTER, LinkedIn, and RSS and see “What I’m thinking”
Global Partner Experience Lead
Microsoft Worldwide Partner Group
This posting is provided "AS IS" with no warranties, and confers no rights