Stephen Toulouse
Stephen Toulouse
Stephen Toulouse, also known as Stepto, former Director of Xbox LIVE Policy and Enforcement at Microsoft. He frequently represented Microsoft and Xbox Live in various media, including on Larry Hryb's "Major Nelson Radio" Xbox-related podcast, to discuss security and policy issues...
address against brought complete issue protect underlying update vulnerable
Should MS05-018 have been a more complete update to address the underlying vulnerable function? Yes, Cesar is right. But I want to reiterate that MS05-018 did protect against the issue that was brought to us,
currently early explorer firm however internet process testing update
We're working on an update to Internet Explorer and that update is currently in our testing process and could come out as early as April. However there's no firm date.
cumulative explorer internet night security update
We're working day and night on development of a cumulative security update for Internet Explorer that addresses the vulnerability.
currently early phase released testing update
Currently that update is in the testing phase and could be released as early as April. But of course, that isn't final.
against applied available center correctly customers download install problem protect resolved situation update
This situation is now resolved and customers should be able to get the update. I want to reiterate that the problem had nothing to do with the update itself, you applied it manually from the download center or got it through SUS 1.0 it should install correctly and protect against the vulnerability. But it's available now for everyone.
began plan ready test track update weeks
Our test and engineering plan for that update that we began two weeks ago is on track to have that update ready for Tuesday.
available coming maximum month please possible rating severity soon systems total update
The maximum total severity rating for this month is Critical, so please update systems as soon as possible when the bulletin is available this coming Tuesday.
best customers face helping meet protect provide secure security service talk valuable views
Security researchers provide a valuable service to our customers in helping us to secure our products. We want to get face to face with them to talk about their views on security, our views on security, and see how best we can meet to protect customers.
ensure happen hard help lessons situation taken work
We've taken a look at this situation and incorporated some lessons learned. We will work very hard to help ensure something like this doesn't happen in the future,
anyway customer drove history looking people questions sure
We had been looking into detailing the history anyway and some customer questions drove the idea to write it up. We just wanted to make sure people had the history.
cnn computers hit keeping knew literally meeting reporting shutting target track tuesday word
We're literally in a meeting going over our plans, keeping track of things, when we got word on Tuesday that CNN was reporting they had been hit. At the time, we knew a high-profile target was reporting they had been hit and they didn't know what it was. Their computers were shutting down and restarting,
anybody customers hack leave might problems quick time whenever
We can't leave anybody behind. And unfortunately you might be introducing new problems. So whenever we look at even a quick hack ... it's got to be of quality. That's what customers have told us time and again.
applying customers recommend risk tested weigh
We have not tested this mitigation tool. We can't recommend it because we have not tested it...Customers should weigh the risk of applying something like this to their systems.
automatic enable flaws key people risk understand
The key thing is really that we want to make people understand the risk with these flaws and that they enable automatic updates.