Microsoft January 2011 Security Bulletin Release

Carlene Chmaj: Today as part of our monthly security bulletin release we have two bulletins addressing three vulnerabilities in Microsoft Windows and Windows Server. This first bulletin is rated Important, while the second is rated Critical.

  • MS11-001. This bulletin resolves one reported issue rated Important and affecting Windows Vista. This security bulletin addresses a vulnerability in Windows Backup Manager. This has an Exploitability Index rating of 1, and gets a 2 on our deployment priority list.
  • MS11-002. This bulletin addresses two vulnerabilities affecting all supported versions of Windows. The first vulnerability is rated Critical for Windows XP, Vista and Windows 7 and the second rated Important for all supported versions of Windows Server. It involves the Microsoft Data Access Components (MDAC). This has an Exploitability Index rating of 1, and because there is a web based attack vector, this is at the top of our deployment priority list.

We are not aware of Proof of Concept code or of any active attacks seeking to exploit the vulnerabilities addressed in this month's release...

Microsoft details packaging, pricing for Office 365 for Education

Mary Jo Foley: Microsoft will be launching Office 365, its successor to BPOS, [email protected] and Office Live Small Business — later this year (I'm still hearing early June). On January 11, Microsoft shared new pricing and packaging details about one of the coming Office 365 SKUs: Office 365 for Education.

Office 365 for Education is the follow-on to [email protected] ([email protected], Microsoft officials said today, currently has 15 million users worldwide.)

Introducing Windows MultiPoint Server 2011

Gavriella Schuster: This week, we’ll participate in BETT, an education event taking place in London, dedicated to showcasing how technology can improve education all over the world. Our education vice president, Anthony Salcito, summarizes the conference news here.

From a Windows perspective, we’re really excited to be part of this effort in our quest to deliver technology that gives students a competitive edge.

At BETT, we’ll talk about Windows MultiPoint Server 2011 a Windows product developed to give teachers and students increased access to technology at a lower cost of ownership. We hear quite often from education leaders there is a huge need and desire for technology, but often schools are cash constrained and don’t have the money to spend on computers...

Bringing computer vision to Windows

Brad Weed: Last week, Steve Lohr of the New York Times explored the evolving landscape of computer vision. Steve notes that computer vision – which broadly includes robotics, object detection and recognition, sequencing, as well as modeling and object interaction - is moving into the mainstream; what would have required a super computer just a decade ago is now possible on common computers of all types. At Microsoft, we believe in the judicious use of these technologies as one way Windows helps you be more creative in how you find and organize your media...

Steve Ballmer E-mail to Employees on Bob Muglia Transition

Steve Ballmer: The best time to think about change is when you are in a position of strength, and that’s where we are today with STB – leading the server business, successful with our developer tools, and poised to lead the rapidly emerging cloud future. Bob Muglia and I have been talking about the overall business and what is needed to accelerate our growth. In this context, I have decided that now is the time to put new leadership in place for STB. This is simply recognition that all businesses go through cycles and need new and different talent to manage through those cycles. Bob has been a phenomenal partner throughout this process, and he and his leadership team have the right strategy in place...

The one security tool every Windows user should know about

Ed Bott: A new zero-day security hole in all versions of Windows is the subject of “targeted attacks,” Microsoft says. The flaw, according to Microsoft Security Advisory 2488013, occurs when an attacker exploits “the creation of uninitialized memory during a CSS function within Internet Explorer.” The result? “It is possible under certain conditions for the memory to be leveraged by an attacker using a specially crafted Web page to gain remote code execution.”