Stephen Toulouse
Stephen Toulouse
Stephen Toulouse, also known as Stepto, former Director of Xbox LIVE Policy and Enforcement at Microsoft. He frequently represented Microsoft and Xbox Live in various media, including on Larry Hryb's "Major Nelson Radio" Xbox-related podcast, to discuss security and policy issues...
anyway customer drove history looking people questions sure
We had been looking into detailing the history anyway and some customer questions drove the idea to write it up. We just wanted to make sure people had the history.
cnn computers hit keeping knew literally meeting reporting shutting target track tuesday word
We're literally in a meeting going over our plans, keeping track of things, when we got word on Tuesday that CNN was reporting they had been hit. At the time, we knew a high-profile target was reporting they had been hit and they didn't know what it was. Their computers were shutting down and restarting,
although bad customers infection information mean providing rates sure
Although infection rates are low, it doesn't mean it's not a bad situation, ... We want to make sure, not only are we providing information to make sure customers aren't impacted, but to make sure they know how to get back to an operational state.
both incorrect record size somehow trigger using wrong
There's been some speculation that you can only trigger this by using an incorrect size in your metafile record and that this trigger was somehow intentional. That speculation is wrong on both counts. The vulnerability can be triggered with correct or incorrect size values.
somehow trigger
There's been some speculation that ... this trigger was somehow intentional. That speculation is wrong.
accelerate cause fast problems takes testing trigger
This is why it takes so long, but that's not to say that if there's an exploit, we won't accelerate testing and get it out there as fast as we can. But if we find problems in the testing phase, it could trigger a restart and cause even more delays.
activities against close constantly customers environment exploits eye help keeping lists malicious protect related threat threats
The MSRC is constantly monitoring the threat environment for any malicious activity. We are keeping an especially close eye on the newsgroups and vulnerability lists for exploits related to this month's activities and will mobilize immediately to help protect customers against threats as necessary.
benefit huge
It had a huge benefit to our developers.
time
It is on the table. Every time any kind of exploitation is going on, it is on the table.
automatic enable flaws key people risk understand
The key thing is really that we want to make people understand the risk with these flaws and that they enable automatic updates.
control explorer flash internet using
If you aren't using Macromedia Flash Player, or know that you don't need it, you can disable the ActiveX control in Internet Explorer through the
answer customers huge millions represent responsibility
The huge responsibility we have is that we have to answer to our customers, and our customers represent potentially hundreds of millions of different configurations.
among critical customers older operating prioritize run system versions windows
Among the critical updates, customers who run older versions of the operating system such as Windows 2000 should prioritize MS05-051 for deployment on those systems.
available coming maximum month please possible rating severity soon systems total update
The maximum total severity rating for this month is Critical, so please update systems as soon as possible when the bulletin is available this coming Tuesday.