Stephen Toulouse
Stephen Toulouse
Stephen Toulouse, also known as Stepto, former Director of Xbox LIVE Policy and Enforcement at Microsoft. He frequently represented Microsoft and Xbox Live in various media, including on Larry Hryb's "Major Nelson Radio" Xbox-related podcast, to discuss security and policy issues...
attempted continue currently customers exploit help older operating protect publicly systems urge versions
Currently this exploit is not publicly available, but we continue to urge customers on older versions of our operating systems to deploy MS05-051 to help protect from attempted exploitation,
against applied available center correctly customers download install problem protect resolved situation update
This situation is now resolved and customers should be able to get the update. I want to reiterate that the problem had nothing to do with the update itself, you applied it manually from the download center or got it through SUS 1.0 it should install correctly and protect against the vulnerability. But it's available now for everyone.
applying customers recommend risk tested weigh
We have not tested this mitigation tool. We can't recommend it because we have not tested it...Customers should weigh the risk of applying something like this to their systems.
anybody customers hack leave might problems quick time whenever
We can't leave anybody behind. And unfortunately you might be introducing new problems. So whenever we look at even a quick hack ... it's got to be of quality. That's what customers have told us time and again.
best customers face helping meet protect provide secure security service talk valuable views
Security researchers provide a valuable service to our customers in helping us to secure our products. We want to get face to face with them to talk about their views on security, our views on security, and see how best we can meet to protect customers.
anyway customer drove history looking people questions sure
We had been looking into detailing the history anyway and some customer questions drove the idea to write it up. We just wanted to make sure people had the history.
although bad customers infection information mean providing rates sure
Although infection rates are low, it doesn't mean it's not a bad situation, ... We want to make sure, not only are we providing information to make sure customers aren't impacted, but to make sure they know how to get back to an operational state.
activities against close constantly customers environment exploits eye help keeping lists malicious protect related threat threats
The MSRC is constantly monitoring the threat environment for any malicious activity. We are keeping an especially close eye on the newsgroups and vulnerability lists for exploits related to this month's activities and will mobilize immediately to help protect customers against threats as necessary.
answer customers huge millions represent responsibility
The huge responsibility we have is that we have to answer to our customers, and our customers represent potentially hundreds of millions of different configurations.
among critical customers older operating prioritize run system versions windows
Among the critical updates, customers who run older versions of the operating system such as Windows 2000 should prioritize MS05-051 for deployment on those systems.
against code convinced exploit matter reaction saw security team tested windows
We saw the exploit code and our Security Windows Reaction Team tested it against the patch, and we were convinced we would see an attack. It was only a matter of time,
began plan ready test track update weeks
Our test and engineering plan for that update that we began two weeks ago is on track to have that update ready for Tuesday.
currently early phase released testing update
Currently that update is in the testing phase and could be released as early as April. But of course, that isn't final.
currently early explorer firm however internet process testing update
We're working on an update to Internet Explorer and that update is currently in our testing process and could come out as early as April. However there's no firm date.